NSX-T Data Center Global Manager REST API
ALBAcceptedCipherEnums (type)
{
"description": "Valid ENUM values for ALBAcceptedCipherEnums",
"enum": [
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
"TLS_RSA_WITH_AES_128_GCM_SHA256",
"TLS_RSA_WITH_AES_256_GCM_SHA384",
"TLS_RSA_WITH_AES_128_CBC_SHA256",
"TLS_RSA_WITH_AES_256_CBC_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
"TLS_RSA_WITH_AES_128_CBC_SHA",
"TLS_RSA_WITH_AES_256_CBC_SHA",
"TLS_RSA_WITH_3DES_EDE_CBC_SHA",
"TLS_AES_256_GCM_SHA384",
"TLS_CHACHA20_POLY1305_SHA256",
"TLS_AES_128_GCM_SHA256"
],
"id": "ALBAcceptedCipherEnums",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "AcceptedCipherEnums type",
"type": "string"
}
ALBActiveStandbySeTag (type)
{
"description": "Valid ENUM values for ALBActiveStandbySeTag",
"enum": [
"ACTIVE_STANDBY_SE_1",
"ACTIVE_STANDBY_SE_2"
],
"id": "ALBActiveStandbySeTag",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "ActiveStandbySeTag type",
"type": "string"
}
ALBAlertScriptConfig (type)
{
"additionalProperties": false,
"description": "Advanced load balancer AlertScriptConfig object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBAlertScriptConfig",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action_script": {
"description": "User Defined Alert Action Script. Please refer to kb.avinetworks.com for more information.",
"required": false,
"title": "Action script",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "AlertScriptConfig",
"type": "object"
}
ALBAnalyticsPolicy (type)
{
"additionalProperties": false,
"description": "Advanced load balancer AnalyticsPolicy object",
"id": "ALBAnalyticsPolicy",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"all_headers": {
"default": false,
"description": "Log all headers. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "All headers",
"type": "boolean"
},
"client_insights": {
"$ref": "ALBClientInsights,
"default": "NO_INSIGHTS",
"description": "Gain insights from sampled client to server HTTP requests and responses. Enum options - NO_INSIGHTS, PASSIVE, ACTIVE. Default value when not specified in API or module is interpreted by ALB Controller as NO_INSIGHTS.",
"required": false,
"title": "Client insights"
},
"client_insights_sampling": {
"$ref": "ALBClientInsightsSampling,
"description": "Placeholder for description of property client_insights_sampling of obj type AnalyticsPolicy field type str type ref.",
"required": false,
"title": "Client insights sampling"
},
"client_log_filters": {
"description": "Placeholder for description of property client_log_filters of obj type AnalyticsPolicy field type str type array.",
"items": {
"$ref": "ALBClientLogFilter
},
"required": false,
"title": "Client log filters",
"type": "array"
},
"full_client_logs": {
"$ref": "ALBFullClientLogs,
"description": "Placeholder for description of property full_client_logs of obj type AnalyticsPolicy field type str type ref.",
"required": false,
"title": "Full client logs"
},
"metrics_realtime_update": {
"$ref": "ALBMetricsRealTimeUpdate,
"description": "Settings to turn on realtime metrics and set duration for realtime updates.",
"required": false,
"title": "Metrics realtime update"
},
"significant_log_throttle": {
"default": 10,
"description": "This setting limits the number of significant logs generated per second for this VS on each SE. Default is 10 logs per second. Set it to zero (0) to deactivate throttling. Unit is PER_SECOND. Default value when not specified in API or module is interpreted by ALB Controller as 10.",
"required": false,
"title": "Significant log throttle",
"type": "integer"
},
"udf_log_throttle": {
"default": 10,
"description": "This setting limits the total number of UDF logs generated per second for this VS on each SE. UDF logs are generated due to the configured client log filters or the rules with logging enabled. Default is 10 logs per second. Set it to zero (0) to deactivate throttling. Unit is PER_SECOND. Default value when not specified in API or module is interpreted by ALB Controller as 10.",
"required": false,
"title": "Udf log throttle",
"type": "integer"
}
},
"title": "AnalyticsPolicy",
"type": "object"
}
ALBAnalyticsProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer AnalyticsProfile object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBAnalyticsProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"apdex_response_threshold": {
"default": 500,
"description": "If a client receives an HTTP response in less than the Satisfactory Latency Threshold, the request is considered Satisfied. It is considered Tolerated if it is not Satisfied and less than Tolerated Latency Factor multiplied by the Satisfactory Latency Threshold. Greater than this number and the client's request is considered Frustrated. Allowed values are 1-30000. Unit is MILLISECONDS. Allowed in Basic(Allowed values- 500) edition, Essentials(Allowed values- 500) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 500.",
"maximum": 30000,
"minimum": 1,
"required": false,
"title": "Apdex response threshold",
"type": "integer"
},
"apdex_response_tolerated_factor": {
"default": 4.0,
"description": "Client tolerated response latency factor. Client must receive a response within this factor times the satisfactory threshold (apdex_response_threshold) to be considered tolerated. Allowed values are 1-1000. Allowed in Basic(Allowed values- 4) edition, Essentials(Allowed values- 4) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 4.0.",
"required": false,
"title": "Apdex response tolerated factor",
"type": "number"
},
"apdex_rtt_threshold": {
"default": 250,
"description": "Satisfactory client to Avi Round Trip Time(RTT). Allowed values are 1-2000. Unit is MILLISECONDS. Allowed in Basic(Allowed values- 250) edition, Essentials(Allowed values- 250) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 250.",
"maximum": 2000,
"minimum": 1,
"required": false,
"title": "Apdex rtt threshold",
"type": "integer"
},
"apdex_rtt_tolerated_factor": {
"default": 4.0,
"description": "Tolerated client to Avi Round Trip Time(RTT) factor. It is a multiple of apdex_rtt_tolerated_factor. Allowed values are 1-1000. Allowed in Basic(Allowed values- 4) edition, Essentials(Allowed values- 4) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 4.0.",
"required": false,
"title": "Apdex rtt tolerated factor",
"type": "number"
},
"apdex_rum_threshold": {
"default": 5000,
"description": "If a client is able to load a page in less than the Satisfactory Latency Threshold, the PageLoad is considered Satisfied. It is considered tolerated if it is greater than Satisfied but less than the Tolerated Latency multiplied by Satisifed Latency. Greater than this number and the client's request is considered Frustrated. A PageLoad includes the time for DNS lookup, download of all HTTP objects, and page render time. Allowed values are 1-30000. Unit is MILLISECONDS. Allowed in Basic(Allowed values- 5000) edition, Essentials(Allowed values- 5000) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 5000.",
"maximum": 30000,
"minimum": 1,
"required": false,
"title": "Apdex rum threshold",
"type": "integer"
},
"apdex_rum_tolerated_factor": {
"default": 4.0,
"description": "Virtual service threshold factor for tolerated Page Load Time (PLT) as multiple of apdex_rum_threshold. Allowed values are 1-1000. Allowed in Basic(Allowed values- 4) edition, Essentials(Allowed values- 4) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 4.0.",
"required": false,
"title": "Apdex rum tolerated factor",
"type": "number"
},
"apdex_server_response_threshold": {
"default": 400,
"description": "A server HTTP response is considered Satisfied if latency is less than the Satisfactory Latency Threshold. The response is considered tolerated when it is greater than Satisfied but less than the Tolerated Latency Factor (STAR) S_Latency. Greater than this number and the server response is considered Frustrated. Allowed values are 1-30000. Unit is MILLISECONDS. Allowed in Basic(Allowed values- 400) edition, Essentials(Allowed values- 400) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 400.",
"maximum": 30000,
"minimum": 1,
"required": false,
"title": "Apdex server response threshold",
"type": "integer"
},
"apdex_server_response_tolerated_factor": {
"default": 4.0,
"description": "Server tolerated response latency factor. Servermust response within this factor times the satisfactory threshold (apdex_server_response_threshold) to be considered tolerated. Allowed values are 1-1000. Allowed in Basic(Allowed values- 4) edition, Essentials(Allowed values- 4) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 4.0.",
"required": false,
"title": "Apdex server response tolerated factor",
"type": "number"
},
"apdex_server_rtt_threshold": {
"default": 125,
"description": "Satisfactory client to Avi Round Trip Time(RTT). Allowed values are 1-2000. Unit is MILLISECONDS. Allowed in Basic(Allowed values- 125) edition, Essentials(Allowed values- 125) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 125.",
"maximum": 2000,
"minimum": 1,
"required": false,
"title": "Apdex server rtt threshold",
"type": "integer"
},
"apdex_server_rtt_tolerated_factor": {
"default": 4.0,
"description": "Tolerated client to Avi Round Trip Time(RTT) factor. It is a multiple of apdex_rtt_tolerated_factor. Allowed values are 1-1000. Allowed in Basic(Allowed values- 4) edition, Essentials(Allowed values- 4) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 4.0.",
"required": false,
"title": "Apdex server rtt tolerated factor",
"type": "number"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"client_log_config": {
"$ref": "ALBClientLogConfiguration,
"description": "Configure which logs are sent to the Avi Controller from SEs and how they are processed.",
"required": false,
"title": "Client log config"
},
"client_log_streaming_config": {
"$ref": "ALBClientLogStreamingConfig,
"description": "Configure to stream logs to an external server. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Client log streaming config"
},
"conn_lossy_ooo_threshold": {
"default": 50,
"description": "A connection between client and Avi is considered lossy when more than this percentage of out of order packets are received. Allowed values are 1-100. Unit is PERCENT. Allowed in Basic(Allowed values- 50) edition, Essentials(Allowed values- 50) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 50.",
"maximum": 100,
"minimum": 1,
"required": false,
"title": "Conn lossy ooo threshold",
"type": "integer"
},
"conn_lossy_timeo_rexmt_threshold": {
"default": 20,
"description": "A connection between client and Avi is considered lossy when more than this percentage of packets are retransmitted due to timeout. Allowed values are 1-100. Unit is PERCENT. Allowed in Basic(Allowed values- 20) edition, Essentials(Allowed values- 20) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 20.",
"maximum": 100,
"minimum": 1,
"required": false,
"title": "Conn lossy timeo rexmt threshold",
"type": "integer"
},
"conn_lossy_total_rexmt_threshold": {
"default": 50,
"description": "A connection between client and Avi is considered lossy when more than this percentage of packets are retransmitted. Allowed values are 1-100. Unit is PERCENT. Allowed in Basic(Allowed values- 50) edition, Essentials(Allowed values- 50) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 50.",
"maximum": 100,
"minimum": 1,
"required": false,
"title": "Conn lossy total rexmt threshold",
"type": "integer"
},
"conn_lossy_zero_win_size_event_threshold": {
"default": 2,
"description": "A client connection is considered lossy when percentage of times a packet could not be trasmitted due to TCP zero window is above this threshold. Allowed values are 0-100. Unit is PERCENT. Allowed in Basic(Allowed values- 2) edition, Essentials(Allowed values- 2) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 2.",
"maximum": 100,
"minimum": 0,
"required": false,
"title": "Conn lossy zero win size event threshold",
"type": "integer"
},
"conn_server_lossy_ooo_threshold": {
"default": 50,
"description": "A connection between Avi and server is considered lossy when more than this percentage of out of order packets are received. Allowed values are 1-100. Unit is PERCENT. Allowed in Basic(Allowed values- 50) edition, Essentials(Allowed values- 50) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 50.",
"maximum": 100,
"minimum": 1,
"required": false,
"title": "Conn server lossy ooo threshold",
"type": "integer"
},
"conn_server_lossy_timeo_rexmt_threshold": {
"default": 20,
"description": "A connection between Avi and server is considered lossy when more than this percentage of packets are retransmitted due to timeout. Allowed values are 1-100. Unit is PERCENT. Allowed in Basic(Allowed values- 20) edition, Essentials(Allowed values- 20) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 20.",
"maximum": 100,
"minimum": 1,
"required": false,
"title": "Conn server lossy timeo rexmt threshold",
"type": "integer"
},
"conn_server_lossy_total_rexmt_threshold": {
"default": 50,
"description": "A connection between Avi and server is considered lossy when more than this percentage of packets are retransmitted. Allowed values are 1-100. Unit is PERCENT. Allowed in Basic(Allowed values- 50) edition, Essentials(Allowed values- 50) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 50.",
"maximum": 100,
"minimum": 1,
"required": false,
"title": "Conn server lossy total rexmt threshold",
"type": "integer"
},
"conn_server_lossy_zero_win_size_event_threshold": {
"default": 2,
"description": "A server connection is considered lossy when percentage of times a packet could not be trasmitted due to TCP zero window is above this threshold. Allowed values are 0-100. Unit is PERCENT. Allowed in Basic(Allowed values- 2) edition, Essentials(Allowed values- 2) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 2.",
"maximum": 100,
"minimum": 0,
"required": false,
"title": "Conn server lossy zero win size event threshold",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_adaptive_config": {
"default": true,
"description": "Enable adaptive configuration for optimizing resource usage. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Enable adaptive config",
"type": "boolean"
},
"enable_advanced_analytics": {
"default": false,
"description": "Enables Advanced Analytics features like Anomaly detection. If set to false, anomaly computation (and associated rules/events) for VS, Pool and Server metrics will be deactivated. However, setting it to false reduces cpu and memory requirements for Analytics subsystem. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Special default for Basic edition is false, Essentials edition is false, Enterprise is True. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Enable advanced analytics",
"type": "boolean"
},
"enable_ondemand_metrics": {
"default": true,
"description": "Virtual Service (VS) metrics are processed only when there is live data traffic on the VS. In case, VS is idle for a period of time as specified by ondemand_metrics_idle_timeout then metrics processing is suspended for that VS. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Enable ondemand metrics",
"type": "boolean"
},
"enable_se_analytics": {
"default": true,
"description": "Enable node (service engine) level analytics forvs metrics. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Enable se analytics",
"type": "boolean"
},
"enable_server_analytics": {
"default": true,
"description": "Enables analytics on backend servers. This may be desired in container environment when there are large number of ephemeral servers. Additionally, no healthscore of servers is computed when server analytics is enabled. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Enable server analytics",
"type": "boolean"
},
"enable_vs_analytics": {
"default": true,
"description": "Enable VirtualService (frontend) Analytics. This flag enables metrics and healthscore for Virtualservice. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Enable vs analytics",
"type": "boolean"
},
"exclude_client_close_before_request_as_error": {
"default": false,
"description": "Exclude client closed connection before an HTTP request could be completed from being classified as an error. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Exclude client close before request as error",
"type": "boolean"
},
"exclude_dns_policy_drop_as_significant": {
"default": false,
"description": "Exclude dns policy drops from the list of errors. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Exclude dns policy drop as significant",
"type": "boolean"
},
"exclude_gs_down_as_error": {
"default": false,
"description": "Exclude queries to GSLB services that are operationally down from the list of errors. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Exclude gs down as error",
"type": "boolean"
},
"exclude_http_error_codes": {
"description": "List of HTTP status codes to be excluded from being classified as an error. Error connections or responses impacts health score, are included as significant logs, and may be classified as part of a DoS attack.",
"items": {
"type": "integer"
},
"required": false,
"title": "Exclude http error codes",
"type": "array"
},
"exclude_invalid_dns_domain_as_error": {
"default": false,
"description": "Exclude dns queries to domains outside the domains configured in the DNS application profile from the list of errors. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Exclude invalid dns domain as error",
"type": "boolean"
},
"exclude_invalid_dns_query_as_error": {
"default": false,
"description": "Exclude invalid dns queries from the list of errors. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Exclude invalid dns query as error",
"type": "boolean"
},
"exclude_issuer_revoked_ocsp_responses_as_error": {
"default": true,
"description": "Exclude the Issuer-Revoked OCSP Responses from the list of errors. Allowed in Basic(Allowed values- true) edition, Essentials(Allowed values- true) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Exclude issuer revoked ocsp responses as error",
"type": "boolean"
},
"exclude_no_dns_record_as_error": {
"default": false,
"description": "Exclude queries to domains that did not have configured services/records from the list of errors. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Exclude no dns record as error",
"type": "boolean"
},
"exclude_no_valid_gs_member_as_error": {
"default": false,
"description": "Exclude queries to GSLB services that have no available members from the list of errors. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Exclude no valid gs member as error",
"type": "boolean"
},
"exclude_persistence_change_as_error": {
"default": false,
"description": "Exclude persistence server changed while load balancing' from the list of errors. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Exclude persistence change as error",
"type": "boolean"
},
"exclude_revoked_ocsp_responses_as_error": {
"default": true,
"description": "Exclude the Revoked OCSP certificate status responses from the list of errors. Allowed in Basic(Allowed values- true) edition, Essentials(Allowed values- true) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Exclude revoked ocsp responses as error",
"type": "boolean"
},
"exclude_server_dns_error_as_error": {
"default": false,
"description": "Exclude server dns error response from the list of errors. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Exclude server dns error as error",
"type": "boolean"
},
"exclude_server_tcp_reset_as_error": {
"default": false,
"description": "Exclude server TCP reset from errors. It is common for applications like MS Exchange. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Exclude server tcp reset as error",
"type": "boolean"
},
"exclude_sip_error_codes": {
"description": "List of SIP status codes to be excluded from being classified as an error. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"type": "integer"
},
"required": false,
"title": "Exclude sip error codes",
"type": "array"
},
"exclude_stale_ocsp_responses_as_error": {
"default": true,
"description": "Exclude the Stale OCSP certificate status responses from the list of errors. Allowed in Basic(Allowed values- true) edition, Essentials(Allowed values- true) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Exclude stale ocsp responses as error",
"type": "boolean"
},
"exclude_syn_retransmit_as_error": {
"default": false,
"description": "Exclude 'server unanswered syns' from the list of errors. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Exclude syn retransmit as error",
"type": "boolean"
},
"exclude_tcp_reset_as_error": {
"default": false,
"description": "Exclude TCP resets by client from the list of potential errors. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Exclude tcp reset as error",
"type": "boolean"
},
"exclude_unavailable_ocsp_responses_as_error": {
"default": true,
"description": "Exclude the unavailable OCSP Responses from the list of errors. Allowed in Basic(Allowed values- true) edition, Essentials(Allowed values- true) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Exclude unavailable ocsp responses as error",
"type": "boolean"
},
"exclude_unsupported_dns_query_as_error": {
"default": false,
"description": "Exclude unsupported dns queries from the list of errors. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Exclude unsupported dns query as error",
"type": "boolean"
},
"healthscore_max_server_limit": {
"default": 0,
"description": "Skips health score computation of pool servers when number of servers in a pool is more than this setting. Allowed values are 0-5000. Special values are 0- 'server health score is deactivated'. Allowed in Basic(Allowed values- 0) edition, Essentials(Allowed values- 0) edition, Enterprise edition. Special default for Basic edition is 0, Essentials edition is 0, Enterprise is 20. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"maximum": 5000,
"minimum": 0,
"required": false,
"title": "Healthscore max server limit",
"type": "integer"
},
"hs_event_throttle_window": {
"default": 1209600,
"description": "Time window (in secs) within which only unique health change events should occur. Allowed in Basic(Allowed values- 1209600) edition, Essentials(Allowed values- 1209600) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 1209600.",
"required": false,
"title": "Hs event throttle window",
"type": "integer"
},
"hs_max_anomaly_penalty": {
"default": 10,
"description": "Maximum penalty that may be deducted from health score for anomalies. Allowed values are 0-100. Allowed in Basic(Allowed values- 10) edition, Essentials(Allowed values- 10) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 10.",
"maximum": 100,
"minimum": 0,
"required": false,
"title": "Hs max anomaly penalty",
"type": "integer"
},
"hs_max_resources_penalty": {
"default": 25,
"description": "Maximum penalty that may be deducted from health score for high resource utilization. Allowed values are 0-100. Allowed in Basic(Allowed values- 25) edition, Essentials(Allowed values- 25) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 25.",
"maximum": 100,
"minimum": 0,
"required": false,
"title": "Hs max resources penalty",
"type": "integer"
},
"hs_max_security_penalty": {
"default": 100,
"description": "Maximum penalty that may be deducted from health score based on security assessment. Allowed values are 0-100. Allowed in Basic(Allowed values- 100) edition, Essentials(Allowed values- 100) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 100.",
"maximum": 100,
"minimum": 0,
"required": false,
"title": "Hs max security penalty",
"type": "integer"
},
"hs_min_dos_rate": {
"default": 1000,
"description": "DoS connection rate below which the DoS security assessment will not kick in. Allowed in Basic(Allowed values- 1000) edition, Essentials(Allowed values- 1000) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 1000.",
"required": false,
"title": "Hs min dos rate",
"type": "integer"
},
"hs_performance_boost": {
"default": 0,
"description": "Adds free performance score credits to health score. It can be used for compensating health score for known slow applications. Allowed values are 0-100. Allowed in Basic(Allowed values- 0) edition, Essentials(Allowed values- 0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"maximum": 100,
"minimum": 0,
"required": false,
"title": "Hs performance boost",
"type": "integer"
},
"hs_pscore_traffic_threshold_l4_client": {
"default": 10.0,
"description": "Threshold number of connections in 5min, below which apdexr, apdexc, rum_apdex, and other network quality metrics are not computed. Allowed in Basic(Allowed values- 10) edition, Essentials(Allowed values- 10) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 10.0.",
"required": false,
"title": "Hs pscore traffic threshold l4 client",
"type": "number"
},
"hs_pscore_traffic_threshold_l4_server": {
"default": 10.0,
"description": "Threshold number of connections in 5min, below which apdexr, apdexc, rum_apdex, and other network quality metrics are not computed. Allowed in Basic(Allowed values- 10) edition, Essentials(Allowed values- 10) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 10.0.",
"required": false,
"title": "Hs pscore traffic threshold l4 server",
"type": "number"
},
"hs_security_certscore_expired": {
"default": 0.0,
"description": "Score assigned when the certificate has expired. Allowed values are 0-5. Allowed in Basic(Allowed values- 0.0) edition, Essentials(Allowed values- 0.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 0.0.",
"required": false,
"title": "Hs security certscore expired",
"type": "number"
},
"hs_security_certscore_gt30d": {
"default": 5.0,
"description": "Score assigned when the certificate expires in more than 30 days. Allowed values are 0-5. Allowed in Basic(Allowed values- 5.0) edition, Essentials(Allowed values- 5.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 5.0.",
"required": false,
"title": "Hs security certscore gt30d",
"type": "number"
},
"hs_security_certscore_le07d": {
"default": 2.0,
"description": "Score assigned when the certificate expires in less than or equal to 7 days. Allowed values are 0-5. Allowed in Basic(Allowed values- 2.0) edition, Essentials(Allowed values- 2.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 2.0.",
"required": false,
"title": "Hs security certscore le07d",
"type": "number"
},
"hs_security_certscore_le30d": {
"default": 4.0,
"description": "Score assigned when the certificate expires in less than or equal to 30 days. Allowed values are 0-5. Allowed in Basic(Allowed values- 4.0) edition, Essentials(Allowed values- 4.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 4.0.",
"required": false,
"title": "Hs security certscore le30d",
"type": "number"
},
"hs_security_chain_invalidity_penalty": {
"default": 1.0,
"description": "Penalty for allowing certificates with invalid chain. Allowed values are 0-5. Allowed in Basic(Allowed values- 1.0) edition, Essentials(Allowed values- 1.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 1.0.",
"required": false,
"title": "Hs security chain invalidity penalty",
"type": "number"
},
"hs_security_cipherscore_eq000b": {
"default": 0.0,
"description": "Score assigned when the minimum cipher strength is 0 bits. Allowed values are 0-5. Allowed in Basic(Allowed values- 0.0) edition, Essentials(Allowed values- 0.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 0.0.",
"required": false,
"title": "Hs security cipherscore eq000b",
"type": "number"
},
"hs_security_cipherscore_ge128b": {
"default": 5.0,
"description": "Score assigned when the minimum cipher strength is greater than equal to 128 bits. Allowed values are 0-5. Allowed in Basic(Allowed values- 5.0) edition, Essentials(Allowed values- 5.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 5.0.",
"required": false,
"title": "Hs security cipherscore ge128b",
"type": "number"
},
"hs_security_cipherscore_lt128b": {
"default": 3.5,
"description": "Score assigned when the minimum cipher strength is less than 128 bits. Allowed values are 0-5. Allowed in Basic(Allowed values- 3.5) edition, Essentials(Allowed values- 3.5) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 3.5.",
"required": false,
"title": "Hs security cipherscore lt128b",
"type": "number"
},
"hs_security_encalgo_score_none": {
"default": 0.0,
"description": "Score assigned when no algorithm is used for encryption. Allowed values are 0-5. Allowed in Basic(Allowed values- 0.0) edition, Essentials(Allowed values- 0.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 0.0.",
"required": false,
"title": "Hs security encalgo score none",
"type": "number"
},
"hs_security_encalgo_score_rc4": {
"default": 2.5,
"description": "Score assigned when RC4 algorithm is used for encryption. Allowed values are 0-5. Allowed in Basic(Allowed values- 2.5) edition, Essentials(Allowed values- 2.5) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 2.5.",
"required": false,
"title": "Hs security encalgo score rc4",
"type": "number"
},
"hs_security_hsts_penalty": {
"default": 1.0,
"description": "Penalty for not enabling HSTS. Allowed values are 0-5. Allowed in Basic(Allowed values- 1.0) edition, Essentials(Allowed values- 1.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 1.0.",
"required": false,
"title": "Hs security hsts penalty",
"type": "number"
},
"hs_security_nonpfs_penalty": {
"default": 1.0,
"description": "Penalty for allowing non-PFS handshakes. Allowed values are 0-5. Allowed in Basic(Allowed values- 1.0) edition, Essentials(Allowed values- 1.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 1.0.",
"required": false,
"title": "Hs security nonpfs penalty",
"type": "number"
},
"hs_security_ocsp_revoked_score": {
"default": 0.0,
"description": "Score assigned when OCSP Certificate Status is set to Revoked or Issuer Revoked. Allowed values are 0.0-5.0. Allowed in Basic(Allowed values- 0.0) edition, Essentials(Allowed values- 0.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 0.0.",
"required": false,
"title": "Hs security ocsp revoked score",
"type": "number"
},
"hs_security_selfsignedcert_penalty": {
"default": 1.0,
"description": "Deprecated. Allowed values are 0-5. Allowed in Basic(Allowed values- 1.0) edition, Essentials(Allowed values- 1.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 1.0.",
"required": false,
"title": "Hs security selfsignedcert penalty",
"type": "number"
},
"hs_security_ssl30_score": {
"default": 3.5,
"description": "Score assigned when supporting SSL3.0 encryption protocol. Allowed values are 0-5. Allowed in Basic(Allowed values- 3.5) edition, Essentials(Allowed values- 3.5) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 3.5.",
"required": false,
"title": "Hs security ssl30 score",
"type": "number"
},
"hs_security_tls10_score": {
"default": 5.0,
"description": "Score assigned when supporting TLS1.0 encryption protocol. Allowed values are 0-5. Allowed in Basic(Allowed values- 5.0) edition, Essentials(Allowed values- 5.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 5.0.",
"required": false,
"title": "Hs security tls10 score",
"type": "number"
},
"hs_security_tls11_score": {
"default": 5.0,
"description": "Score assigned when supporting TLS1.1 encryption protocol. Allowed values are 0-5. Allowed in Basic(Allowed values- 5.0) edition, Essentials(Allowed values- 5.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 5.0.",
"required": false,
"title": "Hs security tls11 score",
"type": "number"
},
"hs_security_tls12_score": {
"default": 5.0,
"description": "Score assigned when supporting TLS1.2 encryption protocol. Allowed values are 0-5. Allowed in Basic(Allowed values- 5.0) edition, Essentials(Allowed values- 5.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 5.0.",
"required": false,
"title": "Hs security tls12 score",
"type": "number"
},
"hs_security_tls13_score": {
"description": "Score assigned when supporting TLS1.3 encryption protocol. Allowed values are 0-5. Allowed in Basic(Allowed values- 5.0) edition, Essentials(Allowed values- 5.0) edition, Enterprise edition.",
"required": false,
"title": "Hs security tls13 score",
"type": "number"
},
"hs_security_weak_signature_algo_penalty": {
"default": 1.0,
"description": "Penalty for allowing weak signature algorithm(s). Allowed values are 0-5. Allowed in Basic(Allowed values- 1.0) edition, Essentials(Allowed values- 1.0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 1.0.",
"required": false,
"title": "Hs security weak signature algo penalty",
"type": "number"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"ondemand_metrics_idle_timeout": {
"default": 1800,
"description": "This flag sets the time duration of no live data traffic after which Virtual Service metrics processing is suspended. It is applicable only when enable_ondemand_metrics is set to false. Unit is SECONDS. Default value when not specified in API or module is interpreted by ALB Controller as 1800.",
"required": false,
"title": "Ondemand metrics idle timeout",
"type": "integer"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"ranges": {
"description": "List of HTTP status code ranges to be excluded from being classified as an error.",
"items": {
"$ref": "ALBHTTPStatusRange
},
"required": false,
"title": "Ranges",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"resp_code_block": {
"description": "Block of HTTP response codes to be excluded from being classified as an error. Enum options - AP_HTTP_RSP_4XX, AP_HTTP_RSP_5XX.",
"items": {
"$ref": "ALBAnalyticsProfileRespCodeBlock
},
"required": false,
"title": "Resp code block",
"type": "array"
},
"sensitive_log_profile": {
"$ref": "ALBSensitiveLogProfile,
"description": "Rules applied to the HTTP application log for filtering sensitive information. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Sensitive log profile"
},
"sip_log_depth": {
"default": 20,
"description": "Maximum number of SIP messages added in logs for a SIP transaction. By default, this value is 20. Allowed values are 1-1000. Allowed in Basic(Allowed values- 20) edition, Essentials(Allowed values- 20) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 20.",
"maximum": 1000,
"minimum": 1,
"required": false,
"title": "Sip log depth",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "AnalyticsProfile",
"type": "object"
}
ALBAnalyticsProfileApiResponse (type)
{
"additionalProperties": false,
"description": "AnalyticsProfileApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBAnalyticsProfileApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of AnalyticsProfile",
"items": {
"$ref": "ALBAnalyticsProfile
},
"required": false,
"title": "Array of AnalyticsProfile",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "AnalyticsProfileApiResponse",
"type": "object"
}
ALBAnalyticsProfileRespCodeBlock (type)
{
"description": "Valid ENUM values for ALBAnalyticsProfileRespCodeBlock",
"enum": [
"AP_HTTP_RSP_4XX",
"AP_HTTP_RSP_5XX"
],
"id": "ALBAnalyticsProfileRespCodeBlock",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "AnalyticsProfileRespCodeBlock type",
"type": "string"
}
ALBAppCookiePersistenceProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer AppCookiePersistenceProfile object",
"id": "ALBAppCookiePersistenceProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"encryption_key": {
"description": "Key to use for cookie encryption.",
"required": false,
"title": "Encryption key",
"type": "string"
},
"prst_hdr_name": {
"description": "Header or cookie name for application cookie persistence.",
"required": true,
"title": "Prst hdr name",
"type": "string"
},
"timeout": {
"default": 20,
"description": "The length of time after a client's connections have closed before expiring the client's persistence to a server. Allowed values are 1-720. Unit is MIN. Default value when not specified in API or module is interpreted by ALB Controller as 20.",
"maximum": 720,
"minimum": 1,
"required": false,
"title": "Timeout",
"type": "integer"
}
},
"title": "AppCookiePersistenceProfile",
"type": "object"
}
ALBAppLearningConfidenceLabel (type)
{
"description": "Valid ENUM values for ALBAppLearningConfidenceLabel",
"enum": [
"CONFIDENCE_VERY_HIGH",
"CONFIDENCE_HIGH",
"CONFIDENCE_PROBABLE",
"CONFIDENCE_LOW",
"CONFIDENCE_NONE"
],
"id": "ALBAppLearningConfidenceLabel",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "AppLearningConfidenceLabel type",
"type": "string"
}
ALBAppLearningConfidenceOverride (type)
{
"additionalProperties": false,
"description": "Advanced load balancer AppLearningConfidenceOverride object",
"id": "ALBAppLearningConfidenceOverride",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"confid_high_value": {
"default": 9500,
"description": "Confidence threshold for label CONFIDENCE_HIGH. Default value when not specified in API or module is interpreted by ALB Controller as 9500.",
"required": false,
"title": "Confid high value",
"type": "integer"
},
"confid_low_value": {
"default": 7500,
"description": "Confidence threshold for label CONFIDENCE_LOW. Default value when not specified in API or module is interpreted by ALB Controller as 7500.",
"required": false,
"title": "Confid low value",
"type": "integer"
},
"confid_probable_value": {
"default": 9000,
"description": "Confidence threshold for label CONFIDENCE_PROBABLE. Default value when not specified in API or module is interpreted by ALB Controller as 9000.",
"required": false,
"title": "Confid probable value",
"type": "integer"
},
"confid_very_high_value": {
"default": 9999,
"description": "Confidence threshold for label CONFIDENCE_VERY_HIGH. Default value when not specified in API or module is interpreted by ALB Controller as 9999.",
"required": false,
"title": "Confid very high value",
"type": "integer"
}
},
"title": "AppLearningConfidenceOverride",
"type": "object"
}
ALBAppLearningParams (type)
{
"additionalProperties": false,
"description": "Advanced load balancer AppLearningParams object",
"id": "ALBAppLearningParams",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"enable_per_uri_learning": {
"default": true,
"description": "Learn the params per URI path. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Enable per uri learning",
"type": "boolean"
},
"max_params": {
"default": 100,
"description": "Maximum number of params to learn for an application. Allowed values are 10-1000. Default value when not specified in API or module is interpreted by ALB Controller as 100.",
"maximum": 1000,
"minimum": 10,
"required": false,
"title": "Max params",
"type": "integer"
},
"max_uris": {
"default": 500,
"description": "Maximum number of URI paths to learn for an application. Allowed values are 10-10000. Default value when not specified in API or module is interpreted by ALB Controller as 500.",
"maximum": 10000,
"minimum": 10,
"required": false,
"title": "Max uris",
"type": "integer"
},
"min_hits_to_learn": {
"default": 10000,
"description": "Minimum number of occurances required for a Param to qualify for learning. Default value when not specified in API or module is interpreted by ALB Controller as 10000.",
"required": false,
"title": "Min hits to learn",
"type": "integer"
},
"sampling_percent": {
"default": 1,
"description": "Percent of the requests subjected to Application learning. Allowed values are 1-100. Unit is PERCENT. Default value when not specified in API or module is interpreted by ALB Controller as 1.",
"maximum": 100,
"minimum": 1,
"required": false,
"title": "Sampling percent",
"type": "integer"
},
"update_interval": {
"default": 30,
"description": "Frequency with which SE publishes Application learning data to controller. Allowed values are 1-60. Unit is MIN. Default value when not specified in API or module is interpreted by ALB Controller as 30.",
"maximum": 60,
"minimum": 1,
"required": false,
"title": "Update interval",
"type": "integer"
}
},
"title": "AppLearningParams",
"type": "object"
}
ALBApplicationPersistenceProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer ApplicationPersistenceProfile object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBApplicationPersistenceProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"app_cookie_persistence_profile": {
"$ref": "ALBAppCookiePersistenceProfile,
"description": "Specifies the Application Cookie Persistence profile parameters.",
"required": false,
"title": "App cookie persistence profile"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"hdr_persistence_profile": {
"$ref": "ALBHdrPersistenceProfile,
"description": "Specifies the custom HTTP Header Persistence profile parameters.",
"required": false,
"title": "Hdr persistence profile"
},
"http_cookie_persistence_profile": {
"$ref": "ALBHttpCookiePersistenceProfile,
"description": "Specifies the HTTP Cookie Persistence profile parameters.",
"required": false,
"title": "Http cookie persistence profile"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_persistence_profile": {
"$ref": "ALBIPPersistenceProfile,
"description": "Specifies the Client IP Persistence profile parameters.",
"required": false,
"title": "Ip persistence profile"
},
"is_federated": {
"default": false,
"description": "This field describes the object's replication scope. If the field is set to false, then the object is visible within the controller-cluster and its associated service-engines. If the field is set to true, then the object is replicated across the federation. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Is federated",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"persistence_type": {
"$ref": "ALBPersistenceProfileType,
"default": "PERSISTENCE_TYPE_CLIENT_IP_ADDRESS",
"description": "Method used to persist clients to the same server for a duration of time or a session. Enum options - PERSISTENCE_TYPE_CLIENT_IP_ADDRESS, PERSISTENCE_TYPE_HTTP_COOKIE, PERSISTENCE_TYPE_TLS, PERSISTENCE_TYPE_CLIENT_IPV6_ADDRESS, PERSISTENCE_TYPE_CUSTOM_HTTP_HEADER, PERSISTENCE_TYPE_APP_COOKIE, PERSISTENCE_TYPE_GSLB_SITE. Allowed in Basic(Allowed values- PERSISTENCE_TYPE_CLIENT_IP_ADDRESS,PERSISTENCE_TYPE_HTTP_COOKIE) edition, Essentials(Allowed values- PERSISTENCE_TYPE_CLIENT_IP_ADDRESS,PERSISTENCE_TYPE_HTTP_COOKIE) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as PERSISTENCE_TYPE_CLIENT_IP_ADDRESS.",
"required": true,
"title": "Persistence type"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"server_hm_down_recovery": {
"$ref": "ALBPersistentServerHMDownRecovery,
"default": "HM_DOWN_PICK_NEW_SERVER",
"description": "Specifies behavior when a persistent server has been marked down by a health monitor. Enum options - HM_DOWN_PICK_NEW_SERVER, HM_DOWN_ABORT_CONNECTION, HM_DOWN_CONTINUE_PERSISTENT_SERVER. Allowed in Basic(Allowed values- HM_DOWN_PICK_NEW_SERVER) edition, Essentials(Allowed values- HM_DOWN_PICK_NEW_SERVER) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as HM_DOWN_PICK_NEW_SERVER.",
"required": false,
"title": "Server hm down recovery"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "ApplicationPersistenceProfile",
"type": "object"
}
ALBApplicationPersistenceProfileApiResponse (type)
{
"additionalProperties": false,
"description": "ApplicationPersistenceProfileApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBApplicationPersistenceProfileApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of ApplicationPersistenceProfile",
"items": {
"$ref": "ALBApplicationPersistenceProfile
},
"required": false,
"title": "Array of ApplicationPersistenceProfile",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "ApplicationPersistenceProfileApiResponse",
"type": "object"
}
ALBApplicationProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer ApplicationProfile object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBApplicationProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"cloud_config_cksum": {
"description": "Checksum of application profiles. Internally set by cloud connector.",
"required": false,
"title": "Cloud config cksum",
"type": "string"
},
"created_by": {
"description": "Name of the application profile creator.",
"required": false,
"title": "Created by",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dns_service_profile": {
"$ref": "ALBDnsServiceApplicationProfile,
"description": "Specifies various DNS service related controls for virtual service.",
"required": false,
"title": "Dns service profile"
},
"dos_rl_profile": {
"$ref": "ALBDosRateLimitProfile,
"description": "Specifies various security related controls for virtual service.",
"required": false,
"title": "Dos rl profile"
},
"http_profile": {
"$ref": "ALBHTTPApplicationProfile,
"description": "Specifies the HTTP application proxy profile parameters.",
"required": false,
"title": "Http profile"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"preserve_client_ip": {
"default": false,
"description": "Specifies if client IP needs to be preserved for backend connection. Not compatible with Connection Multiplexing. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Preserve client ip",
"type": "boolean"
},
"preserve_client_port": {
"default": false,
"description": "Specifies if we need to preserve client port while preserving client IP for backend connections. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Preserve client port",
"type": "boolean"
},
"preserve_dest_ip_port": {
"default": false,
"description": "Specifies if destination IP and port needs to be preserved for backend connection. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Preserve dest ip port",
"type": "boolean"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sip_service_profile": {
"$ref": "ALBSipServiceApplicationProfile,
"description": "Specifies various SIP service related controls for virtual service. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Sip service profile"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_app_profile": {
"$ref": "ALBTCPApplicationProfile,
"description": "Specifies the TCP application proxy profile parameters.",
"required": false,
"title": "Tcp app profile"
},
"type": {
"$ref": "ALBApplicationProfileType,
"description": "Specifies which application layer proxy is enabled for the virtual service. Enum options - APPLICATION_PROFILE_TYPE_L4, APPLICATION_PROFILE_TYPE_HTTP, APPLICATION_PROFILE_TYPE_SYSLOG, APPLICATION_PROFILE_TYPE_DNS, APPLICATION_PROFILE_TYPE_SSL, APPLICATION_PROFILE_TYPE_SIP. Allowed in Basic(Allowed values- APPLICATION_PROFILE_TYPE_L4,APPLICATION_PROFILE_TYPE_HTTP) edition, Essentials(Allowed values- APPLICATION_PROFILE_TYPE_L4) edition, Enterprise edition.",
"required": true,
"title": "Type"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "ApplicationProfile",
"type": "object"
}
ALBApplicationProfileApiResponse (type)
{
"additionalProperties": false,
"description": "ApplicationProfileApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBApplicationProfileApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of ApplicationProfile",
"items": {
"$ref": "ALBApplicationProfile
},
"required": false,
"title": "Array of ApplicationProfile",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "ApplicationProfileApiResponse",
"type": "object"
}
ALBApplicationProfileType (type)
{
"description": "Valid ENUM values for ALBApplicationProfileType",
"enum": [
"APPLICATION_PROFILE_TYPE_L4",
"APPLICATION_PROFILE_TYPE_HTTP",
"APPLICATION_PROFILE_TYPE_SYSLOG",
"APPLICATION_PROFILE_TYPE_DNS",
"APPLICATION_PROFILE_TYPE_SSL",
"APPLICATION_PROFILE_TYPE_SIP"
],
"id": "ALBApplicationProfileType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "ApplicationProfileType type",
"type": "string"
}
ALBAttackMitigationAction (type)
{
"additionalProperties": false,
"description": "Advanced load balancer AttackMitigationAction object",
"id": "ALBAttackMitigationAction",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"deny": {
"default": true,
"description": "Deny the attack packets further processing and drop them. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Deny",
"type": "boolean"
}
},
"title": "AttackMitigationAction",
"type": "object"
}
ALBAttackType (type)
{
"description": "Valid ENUM values for ALBAttackType",
"enum": [
"LAND",
"SMURF",
"ICMP_PING_FLOOD",
"UNKOWN_PROTOCOL",
"TEARDROP",
"IP_FRAG_OVERRUN",
"IP_FRAG_TOOSMALL",
"IP_FRAG_FULL",
"IP_FRAG_INCOMPLETE",
"PORT_SCAN",
"TCP_NON_SYN_FLOOD_OLD",
"SYN_FLOOD",
"BAD_RST_FLOOD",
"MALFORMED_FLOOD",
"FAKE_SESSION",
"ZERO_WINDOW_STRESS",
"SMALL_WINDOW_STRESS",
"DOS_HTTP_TIMEOUT",
"DOS_HTTP_ERROR",
"DOS_HTTP_ABORT",
"DOS_SSL_ERROR",
"DOS_APP_ERROR",
"DOS_REQ_IP_RL_DROP",
"DOS_REQ_URI_RL_DROP",
"DOS_REQ_URI_SCAN_BAD_RL_DROP",
"DOS_REQ_URI_SCAN_UNKNOWN_RL_DROP",
"DOS_REQ_IP_URI_RL_DROP",
"DOS_CONN_IP_RL_DROP",
"DOS_SLOW_URL",
"TCP_NON_SYN_FLOOD",
"DOS_REQ_CIP_SCAN_BAD_RL_DROP",
"DOS_REQ_CIP_SCAN_UNKNOWN_RL_DROP",
"DOS_REQ_IP_RL_DROP_BAD",
"DOS_REQ_URI_RL_DROP_BAD",
"DOS_REQ_IP_URI_RL_DROP_BAD",
"POLICY_DROPS",
"DOS_CONN_RL_DROP",
"DOS_REQ_RL_DROP",
"DOS_REQ_HDR_RL_DROP",
"DOS_REQ_CUSTOM_RL_DROP",
"DNS_ATTACK_REFLECTION"
],
"id": "ALBAttackType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "AttackType type",
"type": "string"
}
ALBAuthAttributeMatch (type)
{
"additionalProperties": false,
"description": "Advanced load balancer AuthAttributeMatch object",
"id": "ALBAuthAttributeMatch",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"attribute_name": {
"description": "Attribute name whose values will be looked up in the access lists.",
"required": true,
"title": "Attribute name",
"type": "string"
},
"attribute_value_list": {
"$ref": "ALBStringMatch,
"description": "Attribute Values used to determine access when authentication applies. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": true,
"title": "Attribute value list"
}
},
"title": "AuthAttributeMatch",
"type": "object"
}
ALBAuthLdapSearchScope (type)
{
"description": "Valid ENUM values for ALBAuthLdapSearchScope",
"enum": [
"AUTH_LDAP_SCOPE_BASE",
"AUTH_LDAP_SCOPE_ONE",
"AUTH_LDAP_SCOPE_SUBTREE"
],
"id": "ALBAuthLdapSearchScope",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "AuthLdapSearchScope type",
"type": "string"
}
ALBAuthLdapSecurityMode (type)
{
"description": "Valid ENUM values for ALBAuthLdapSecurityMode",
"enum": [
"AUTH_LDAP_SECURE_NONE",
"AUTH_LDAP_SECURE_USE_LDAPS"
],
"id": "ALBAuthLdapSecurityMode",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "AuthLdapSecurityMode type",
"type": "string"
}
ALBAuthProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer AuthProfile object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBAuthProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"http": {
"$ref": "ALBAuthProfileHTTPClientParams,
"description": "HTTP user authentication params.",
"required": false,
"title": "Http"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ldap": {
"$ref": "ALBLdapAuthSettings,
"description": "LDAP server and directory settings.",
"required": false,
"title": "Ldap"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"saml": {
"$ref": "ALBSamlSettings,
"description": "SAML settings.",
"required": false,
"title": "Saml"
},
"tacacs_plus": {
"$ref": "ALBTacacsPlusAuthSettings,
"description": "TACACS+ settings.",
"required": false,
"title": "Tacacs plus"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"type": {
"$ref": "ALBAuthProfileType,
"description": "Type of the Auth Profile. Enum options - AUTH_PROFILE_LDAP, AUTH_PROFILE_TACACS_PLUS, AUTH_PROFILE_SAML, AUTH_PROFILE_PINGACCESS, AUTH_PROFILE_JWT.",
"required": true,
"title": "Type"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "AuthProfile",
"type": "object"
}
ALBAuthProfileApiResponse (type)
{
"additionalProperties": false,
"description": "AuthProfileApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBAuthProfileApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of AuthProfile",
"items": {
"$ref": "ALBAuthProfile
},
"required": false,
"title": "Array of AuthProfile",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "AuthProfileApiResponse",
"type": "object"
}
ALBAuthProfileHTTPClientParams (type)
{
"additionalProperties": false,
"description": "Advanced load balancer AuthProfileHTTPClientParams object",
"id": "ALBAuthProfileHTTPClientParams",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"cache_expiration_time": {
"default": 5,
"description": "The max allowed length of time a clients authentication is cached. Allowed values are 1-30. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 5.",
"maximum": 30,
"minimum": 1,
"required": false,
"title": "Cache expiration time",
"type": "integer"
},
"request_header": {
"description": "Insert an HTTP header. This field is used to define the header name. The value of the header is set to the client's HTTP Auth user ID.",
"required": false,
"title": "Request header",
"type": "string"
},
"require_user_groups": {
"description": "A user should be a member of these groups. Each group is defined by the DN. For example, CN=testgroup,OU=groups,dc=example,dc=avinetworks,DC=com.",
"items": {
"type": "string"
},
"required": false,
"title": "Require user groups",
"type": "array"
}
},
"title": "AuthProfileHTTPClientParams",
"type": "object"
}
ALBAuthProfileType (type)
{
"description": "Valid ENUM values for ALBAuthProfileType",
"enum": [
"AUTH_PROFILE_LDAP",
"AUTH_PROFILE_TACACS_PLUS",
"AUTH_PROFILE_SAML",
"AUTH_PROFILE_PINGACCESS",
"AUTH_PROFILE_JWT"
],
"id": "ALBAuthProfileType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "AuthProfileType type",
"type": "string"
}
ALBAuthSamlEntityType (type)
{
"description": "Valid ENUM values for ALBAuthSamlEntityType",
"enum": [
"AUTH_SAML_CLUSTER_VIP",
"AUTH_SAML_DNS_FQDN",
"AUTH_SAML_APP_VS"
],
"id": "ALBAuthSamlEntityType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "AuthSamlEntityType type",
"type": "string"
}
ALBAuthTacacsPlusAttributeValuePair (type)
{
"additionalProperties": false,
"description": "Advanced load balancer AuthTacacsPlusAttributeValuePair object",
"id": "ALBAuthTacacsPlusAttributeValuePair",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"mandatory": {
"description": "mandatory.",
"required": false,
"title": "Mandatory",
"type": "boolean"
},
"name": {
"description": "attribute name.",
"required": false,
"title": "Name",
"type": "string"
},
"value": {
"description": "attribute value.",
"required": false,
"title": "Value",
"type": "string"
}
},
"title": "AuthTacacsPlusAttributeValuePair",
"type": "object"
}
ALBAuthTacacsPlusService (type)
{
"description": "Valid ENUM values for ALBAuthTacacsPlusService",
"enum": [
"AUTH_TACACS_PLUS_SERVICE_NONE",
"AUTH_TACACS_PLUS_SERVICE_LOGIN",
"AUTH_TACACS_PLUS_SERVICE_ENABLE",
"AUTH_TACACS_PLUS_SERVICE_PPP",
"AUTH_TACACS_PLUS_SERVICE_ARAP",
"AUTH_TACACS_PLUS_SERVICE_PT",
"AUTH_TACACS_PLUS_SERVICE_RCMD",
"AUTH_TACACS_PLUS_SERVICE_X25",
"AUTH_TACACS_PLUS_SERVICE_NASI",
"AUTH_TACACS_PLUS_SERVICE_FWPROXY"
],
"id": "ALBAuthTacacsPlusService",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "AuthTacacsPlusService type",
"type": "string"
}
ALBAuthToken (type)
{
"description": "ALB Auth Token",
"id": "ALBAuthToken",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"expires_at": {
"description": "Expiry time of the token will be set by LCM at the time of Enforcement Point Creation.",
"required": false,
"title": "Expiry time of the token",
"type": "string"
},
"hours": {
"description": "Hours to validate the token",
"required": true,
"title": "hours",
"type": "string"
},
"token": {
"description": "Token for Avi Controller.",
"title": "Token for Avi Controller",
"type": "string"
},
"username": {
"description": "controller username.",
"required": true,
"title": "username",
"type": "string"
}
},
"title": "Auth Token",
"type": "object"
}
ALBAuthenticationAction (type)
{
"additionalProperties": false,
"description": "Advanced load balancer AuthenticationAction object",
"id": "ALBAuthenticationAction",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"type": {
"$ref": "ALBAuthenticationActionEnum,
"default": "USE_DEFAULT_AUTHENTICATION",
"description": "Authentication Action to be taken for a matched Rule. Enum options - SKIP_AUTHENTICATION, USE_DEFAULT_AUTHENTICATION. Default value when not specified in API or module is interpreted by ALB Controller as USE_DEFAULT_AUTHENTICATION.",
"required": false,
"title": "Type"
}
},
"title": "AuthenticationAction",
"type": "object"
}
ALBAuthenticationActionEnum (type)
{
"description": "Valid ENUM values for ALBAuthenticationActionEnum",
"enum": [
"SKIP_AUTHENTICATION",
"USE_DEFAULT_AUTHENTICATION"
],
"id": "ALBAuthenticationActionEnum",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "AuthenticationActionEnum type",
"type": "string"
}
ALBAuthenticationMatch (type)
{
"additionalProperties": false,
"description": "Advanced load balancer AuthenticationMatch object",
"id": "ALBAuthenticationMatch",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"client_ip": {
"$ref": "ALBIpAddrMatch,
"description": "Configure client ip addresses.",
"required": false,
"title": "Client ip"
},
"host_hdr": {
"$ref": "ALBHostHdrMatch,
"description": "Configure the host header.",
"required": false,
"title": "Host hdr"
},
"path": {
"$ref": "ALBPathMatch,
"description": "Configure request paths.",
"required": false,
"title": "Path"
}
},
"title": "AuthenticationMatch",
"type": "object"
}
ALBAuthenticationPolicy (type)
{
"additionalProperties": false,
"description": "Advanced load balancer AuthenticationPolicy object",
"id": "ALBAuthenticationPolicy",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"authn_rules": {
"description": "Add rules to apply auth profile to specific targets.",
"items": {
"$ref": "ALBAuthenticationRule
},
"required": false,
"title": "Authn rules",
"type": "array"
},
"default_auth_profile_path": {
"description": "Auth Profile to use for validating users. It is a reference to an object of type AuthProfile.",
"required": true,
"title": "Default auth profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBSSOPolicy"
],
"relationshipType": "ALB_SSOPOLICY_ALB_AUTHPROFILE_RELATIONSHIP",
"rightType": [
"ALBAuthProfile"
]
}
]
}
},
"title": "AuthenticationPolicy",
"type": "object"
}
ALBAuthenticationRule (type)
{
"additionalProperties": false,
"description": "Advanced load balancer AuthenticationRule object",
"id": "ALBAuthenticationRule",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"action": {
"$ref": "ALBAuthenticationAction,
"description": "Enable or disable authentication for matched targets.",
"required": false,
"title": "Action"
},
"enable": {
"default": true,
"description": "Enable or disable the rule. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Enable",
"type": "boolean"
},
"index": {
"description": "Index of the rule.",
"required": true,
"title": "Index",
"type": "integer"
},
"match": {
"$ref": "ALBAuthenticationMatch,
"description": "Add match criteria to the rule. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Match"
},
"name": {
"description": "Name of the rule.",
"required": true,
"title": "Name",
"type": "string"
}
},
"title": "AuthenticationRule",
"type": "object"
}
ALBAuthorizationAction (type)
{
"additionalProperties": false,
"description": "Advanced load balancer AuthorizationAction object",
"id": "ALBAuthorizationAction",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"status_code": {
"$ref": "ALBAuthorizationActionHttpStatusCode,
"description": "HTTP status code to use for local response when an policy rule is matched. Enum options - HTTP_RESPONSE_STATUS_CODE_401, HTTP_RESPONSE_STATUS_CODE_403.",
"required": false,
"title": "Status code"
},
"type": {
"$ref": "ALBAuthorizationActionEnum,
"default": "ALLOW_ACCESS",
"description": "Defines the action taken when an authorization policy rule is matched. By default, access is allowed to the requested resource. Enum options - ALLOW_ACCESS, CLOSE_CONNECTION, HTTP_LOCAL_RESPONSE. Default value when not specified in API or module is interpreted by ALB Controller as ALLOW_ACCESS.",
"required": false,
"title": "Type"
}
},
"title": "AuthorizationAction",
"type": "object"
}
ALBAuthorizationActionEnum (type)
{
"description": "Valid ENUM values for ALBAuthorizationActionEnum",
"enum": [
"ALLOW_ACCESS",
"CLOSE_CONNECTION",
"HTTP_LOCAL_RESPONSE"
],
"id": "ALBAuthorizationActionEnum",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "AuthorizationActionEnum type",
"type": "string"
}
ALBAuthorizationActionHttpStatusCode (type)
{
"description": "Valid ENUM values for ALBAuthorizationActionHttpStatusCode",
"enum": [
"HTTP_RESPONSE_STATUS_CODE_401",
"HTTP_RESPONSE_STATUS_CODE_403"
],
"id": "ALBAuthorizationActionHttpStatusCode",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "AuthorizationActionHttpStatusCode type",
"type": "string"
}
ALBAuthorizationMatch (type)
{
"additionalProperties": false,
"description": "Advanced load balancer AuthorizationMatch object",
"id": "ALBAuthorizationMatch",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"attr_matches": {
"description": "Attributes whose values need to be matched. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBAuthAttributeMatch
},
"required": false,
"title": "Attr matches",
"type": "array"
},
"host_hdr": {
"$ref": "ALBHostHdrMatch,
"description": "Host header value to be matched.",
"required": false,
"title": "Host hdr"
},
"method": {
"$ref": "ALBMethodMatch,
"description": "HTTP methods to be matched.",
"required": false,
"title": "Method"
},
"path": {
"$ref": "ALBPathMatch,
"description": "Paths/URLs to be matched.",
"required": false,
"title": "Path"
}
},
"title": "AuthorizationMatch",
"type": "object"
}
ALBAuthorizationPolicy (type)
{
"additionalProperties": false,
"description": "Advanced load balancer AuthorizationPolicy object",
"id": "ALBAuthorizationPolicy",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"authz_rules": {
"description": "Authorization Policy Rules.",
"items": {
"$ref": "ALBAuthorizationRule
},
"required": false,
"title": "Authz rules",
"type": "array"
}
},
"title": "AuthorizationPolicy",
"type": "object"
}
ALBAuthorizationRule (type)
{
"additionalProperties": false,
"description": "Advanced load balancer AuthorizationRule object",
"id": "ALBAuthorizationRule",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"action": {
"$ref": "ALBAuthorizationAction,
"description": "Authorization action when rule is matched.",
"required": true,
"title": "Action"
},
"enable": {
"default": true,
"description": "Enable or disable the rule. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Enable",
"type": "boolean"
},
"index": {
"description": "Index of the Authorization Policy rule.",
"required": true,
"title": "Index",
"type": "integer"
},
"match": {
"$ref": "ALBAuthorizationMatch,
"description": "Authorization match criteria for the rule. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": true,
"title": "Match"
},
"name": {
"description": "Name of the rule.",
"required": true,
"title": "Name",
"type": "string"
}
},
"title": "AuthorizationRule",
"type": "object"
}
ALBAutoScaleLaunchConfig (type)
{
"additionalProperties": false,
"description": "Advanced load balancer AutoScaleLaunchConfig object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBAutoScaleLaunchConfig",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"image_id": {
"description": "Unique ID of the Amazon Machine Image (AMI) or OpenStack VM ID.",
"required": false,
"title": "Image id",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"mesos": {
"$ref": "ALBAutoScaleMesosSettings,
"description": "Placeholder for description of property mesos of obj type AutoScaleLaunchConfig field type str type ref.",
"required": false,
"title": "Mesos"
},
"openstack": {
"$ref": "ALBAutoScaleOpenStackSettings,
"description": "Placeholder for description of property openstack of obj type AutoScaleLaunchConfig field type str type ref.",
"required": false,
"title": "Openstack"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"use_external_asg": {
"default": true,
"description": "If set to True, ServerAutoscalePolicy will use the autoscaling group (external_autoscaling_groups) from Pool to perform scale up and scale down. Pool should have single autoscaling group configured. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Use external asg",
"type": "boolean"
}
},
"title": "AutoScaleLaunchConfig",
"type": "object"
}
ALBAutoScaleLaunchConfigApiResponse (type)
{
"additionalProperties": false,
"description": "AutoScaleLaunchConfigApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBAutoScaleLaunchConfigApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of AutoScaleLaunchConfig",
"items": {
"$ref": "ALBAutoScaleLaunchConfig
},
"required": false,
"title": "Array of AutoScaleLaunchConfig",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "AutoScaleLaunchConfigApiResponse",
"type": "object"
}
ALBAutoScaleMesosSettings (type)
{
"additionalProperties": false,
"description": "Advanced load balancer AutoScaleMesosSettings object",
"id": "ALBAutoScaleMesosSettings",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"force": {
"default": true,
"description": "Apply scaleout even when there are deployments inprogress. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Force",
"type": "boolean"
}
},
"title": "AutoScaleMesosSettings",
"type": "object"
}
ALBAutoScaleOpenStackSettings (type)
{
"additionalProperties": false,
"description": "Advanced load balancer AutoScaleOpenStackSettings object",
"id": "ALBAutoScaleOpenStackSettings",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"heat_scale_down_url": {
"description": "Avi Controller will use this URL to scale downthe pool. Cloud connector will automatically update the membership. This is an alpha feature.",
"required": false,
"title": "Heat scale down url",
"type": "string"
},
"heat_scale_up_url": {
"description": "Avi Controller will use this URL to scale upthe pool. Cloud connector will automatically update the membership. This is an alpha feature.",
"required": false,
"title": "Heat scale up url",
"type": "string"
}
},
"title": "AutoScaleOpenStackSettings",
"type": "object"
}
ALBCRL (type)
{
"additionalProperties": false,
"description": "Advanced load balancer CRL object",
"id": "ALBCRL",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"body": {
"description": "Certificate Revocation list from a given issuer in PEM format. This can either be configured directly or via the server_url.",
"required": false,
"title": "Body",
"type": "string"
},
"common_name": {
"description": "Common name of the issuer in the Certificate Revocation list.",
"required": false,
"title": "Common name",
"type": "string"
},
"distinguished_name": {
"description": "Distinguished name of the issuer in the Certificate Revocation list.",
"required": false,
"title": "Distinguished name",
"type": "string"
},
"etag": {
"description": "Cached etag to optimize the download of the CRL.",
"required": false,
"title": "Etag",
"type": "string"
},
"fingerprint": {
"description": "Fingerprint of the CRL. Used to avoid configuring duplicates.",
"required": false,
"title": "Fingerprint",
"type": "string"
},
"last_refreshed": {
"description": "Last time CRL was refreshed by the system. This is an internal field used by the system.",
"required": false,
"title": "Last refreshed",
"type": "string"
},
"last_update": {
"description": "The date when this CRL was last issued.",
"required": false,
"title": "Last update",
"type": "string"
},
"next_update": {
"description": "The date when a newer CRL will be available. Also conveys the date after which the CRL should be considered obsolete.",
"required": false,
"title": "Next update",
"type": "string"
},
"server_url": {
"description": "URL of a server that issues the Certificate Revocation list. If this is configured, CRL will be periodically downloaded either based on the configured update interval or the next update interval in the CRL. CRL itself is stored in the body.",
"required": false,
"title": "Server url",
"type": "string"
},
"text": {
"description": "Certificate Revocation list in plain text for readability.",
"required": false,
"title": "Text",
"type": "string"
},
"update_interval": {
"description": "Interval in minutes to check for CRL update. If not specified, interval will be 1 day. Allowed values are 30-525600. Unit is MIN.",
"maximum": 525600,
"minimum": 30,
"required": false,
"title": "Update interval",
"type": "integer"
}
},
"title": "CRL",
"type": "object"
}
ALBCertificateAuthority (type)
{
"additionalProperties": false,
"description": "Advanced load balancer CertificateAuthority object",
"id": "ALBCertificateAuthority",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"ca_path": {
"description": "It is a reference to an object of type SSLKeyAndCertificate.",
"required": false,
"title": "Ca path",
"type": "string"
},
"name": {
"description": "Name of the object.",
"required": false,
"title": "Name",
"type": "string"
}
},
"title": "CertificateAuthority",
"type": "object"
}
ALBCertificateManagementProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer CertificateManagementProfile object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBCertificateManagementProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"script_params": {
"description": "Placeholder for description of property script_params of obj type CertificateManagementProfile field type str type array.",
"items": {
"$ref": "ALBCustomParams
},
"required": false,
"title": "Script params",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "CertificateManagementProfile",
"type": "object"
}
ALBClientInsights (type)
{
"description": "Valid ENUM values for ALBClientInsights",
"enum": [
"NO_INSIGHTS",
"PASSIVE",
"ACTIVE"
],
"id": "ALBClientInsights",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "ClientInsights type",
"type": "string"
}
ALBClientInsightsSampling (type)
{
"additionalProperties": false,
"description": "Advanced load balancer ClientInsightsSampling object",
"id": "ALBClientInsightsSampling",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"client_ip": {
"$ref": "ALBIpAddrMatch,
"description": "Client IP addresses to check when inserting RUM script.",
"required": false,
"title": "Client ip"
},
"sample_uris": {
"$ref": "ALBStringMatch,
"description": "URL patterns to check when inserting RUM script.",
"required": false,
"title": "Sample uris"
},
"skip_uris": {
"$ref": "ALBStringMatch,
"description": "URL patterns to avoid when inserting RUM script.",
"required": false,
"title": "Skip uris"
}
},
"title": "ClientInsightsSampling",
"type": "object"
}
ALBClientLogConfiguration (type)
{
"additionalProperties": false,
"description": "Advanced load balancer ClientLogConfiguration object",
"id": "ALBClientLogConfiguration",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"enable_significant_log_collection": {
"default": false,
"description": "Enable significant log collection. By default, this flag is enabled, which means that Avi SEs collect significant logs and forward them to Controller for further processing. For example, these logs correspond to error conditions such as when the response code for a request is 500. Users can deactivate this flag to turn off default significant log collection. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Special default for Basic edition is false, Essentials edition is false, Enterprise is True. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Enable significant log collection",
"type": "boolean"
},
"filtered_log_processing": {
"$ref": "ALBLogsProcessingType,
"default": "LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND",
"description": "Filtered logs are logs that match any client log filters or rules with logging enabled. Such logs are processed by the Logs Analytics system according to this setting. Enum options - LOGS_PROCESSING_NONE, LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND, LOGS_PROCESSING_AUTO_SYNC_AND_INDEX, LOGS_PROCESSING_AUTO_SYNC_BUT_INDEX_ON_DEMAND. Default value when not specified in API or module is interpreted by ALB Controller as LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND.",
"required": false,
"title": "Filtered log processing"
},
"non_significant_log_processing": {
"$ref": "ALBLogsProcessingType,
"default": "LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND",
"description": "Logs that are neither significant nor filtered, are processed by the Logs Analytics system according to this setting. Enum options - LOGS_PROCESSING_NONE, LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND, LOGS_PROCESSING_AUTO_SYNC_AND_INDEX, LOGS_PROCESSING_AUTO_SYNC_BUT_INDEX_ON_DEMAND. Default value when not specified in API or module is interpreted by ALB Controller as LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND.",
"required": false,
"title": "Non significant log processing"
},
"significant_log_processing": {
"$ref": "ALBLogsProcessingType,
"default": "LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND",
"description": "Significant logs are processed by the Logs Analytics system according to this setting. Enum options - LOGS_PROCESSING_NONE, LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND, LOGS_PROCESSING_AUTO_SYNC_AND_INDEX, LOGS_PROCESSING_AUTO_SYNC_BUT_INDEX_ON_DEMAND. Default value when not specified in API or module is interpreted by ALB Controller as LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND.",
"required": false,
"title": "Significant log processing"
}
},
"title": "ClientLogConfiguration",
"type": "object"
}
ALBClientLogFilter (type)
{
"additionalProperties": false,
"description": "Advanced load balancer ClientLogFilter object",
"id": "ALBClientLogFilter",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"all_headers": {
"default": false,
"description": "Placeholder for description of property all_headers of obj type ClientLogFilter field type str type boolean. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "All headers",
"type": "boolean"
},
"client_ip": {
"$ref": "ALBIpAddrMatch,
"description": "Placeholder for description of property client_ip of obj type ClientLogFilter field type str type ref.",
"required": false,
"title": "Client ip"
},
"duration": {
"default": 30,
"description": "Special values are 0 - 'infinite'. Unit is MIN. Default value when not specified in API or module is interpreted by ALB Controller as 30.",
"required": false,
"title": "Duration",
"type": "integer"
},
"enabled": {
"default": false,
"description": "Placeholder for description of property enabled of obj type ClientLogFilter field type str type boolean. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": true,
"title": "Enabled",
"type": "boolean"
},
"index": {
"description": "Number of index.",
"required": true,
"title": "Index",
"type": "integer"
},
"name": {
"description": "Name of the object.",
"required": true,
"title": "Name",
"type": "string"
},
"uri": {
"$ref": "ALBStringMatch,
"description": "Placeholder for description of property uri of obj type ClientLogFilter field type str type ref.",
"required": false,
"title": "Uri"
}
},
"title": "ClientLogFilter",
"type": "object"
}
ALBClientLogStreamingConfig (type)
{
"additionalProperties": false,
"description": "Advanced load balancer ClientLogStreamingConfig object",
"id": "ALBClientLogStreamingConfig",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"external_server": {
"description": "IP address or hostnames (FQDNs) of destination servers. If an FQDN is provided, this should be resolvable on Avi Service Engines. Multiple servers are supported by furnishing a comma-separated list of IP addresses or host names, for example, 11.11.11.11,23.12.12.4. Optionally, a separate port can be specified for each external server in the list, for example, 11.11.11.11 234,12.12.12.12 343.",
"required": true,
"title": "External server",
"type": "string"
},
"external_server_port": {
"default": 514,
"description": "The service port to use for the external servers. If multiple external servers have been specified, the single port number specified here will apply to all those servers for which an explicit port number has not been specified in the external server list. Default value when not specified in API or module is interpreted by ALB Controller as 514.",
"required": false,
"title": "External server port",
"type": "integer"
},
"format_config": {
"$ref": "ALBClientLogStreamingFormat,
"description": "Configuration to specify the format of streamed logs. By default, each log is encoded in JSON format.",
"required": false,
"title": "Format config"
},
"log_types_to_send": {
"$ref": "ALBLogsType,
"default": "LOGS_ALL",
"description": "Type of logs to stream to the external server. Default is LOGS_ALL, i.e., send all logs. Enum options - LOGS_SIGNIFICANT_ONLY, LOGS_UDF_ONLY, LOGS_UDF_SIGNIFICANT, LOGS_ALL. Default value when not specified in API or module is interpreted by ALB Controller as LOGS_ALL.",
"required": false,
"title": "Log types to send"
},
"max_logs_per_second": {
"default": 100,
"description": "Maximum number of logs per second streamed to the remote server. By default, 100 logs per second are streamed. Set this to zero(0) to not enforce any limit. Default value when not specified in API or module is interpreted by ALB Controller as 100.",
"required": false,
"title": "Max logs per second",
"type": "integer"
},
"protocol": {
"$ref": "ALBClientLogStreamingProtocol,
"default": "LOG_STREAMING_PROTOCOL_UDP",
"description": "Protocol to use for streaming logs. Enum options - LOG_STREAMING_PROTOCOL_UDP, LOG_STREAMING_PROTOCOL_SYSLOG_OVER_UDP, LOG_STREAMING_PROTOCOL_TCP, LOG_STREAMING_PROTOCOL_SYSLOG_OVER_TCP, LOG_STREAMING_PROTOCOL_RAW_OVER_UDP, LOG_STREAMING_PROTOCOL_TLS, LOG_STREAMING_PROTOCOL_SYSLOG_OVER_TLS. Default value when not specified in API or module is interpreted by ALB Controller as LOG_STREAMING_PROTOCOL_UDP.",
"required": false,
"title": "Protocol"
},
"syslog_config": {
"$ref": "ALBStreamingSyslogConfig,
"description": "Syslog configuration if a Syslog-based protocol is specified for streaming.",
"required": false,
"title": "Syslog config"
}
},
"title": "ClientLogStreamingConfig",
"type": "object"
}
ALBClientLogStreamingFormat (type)
{
"additionalProperties": false,
"description": "Advanced load balancer ClientLogStreamingFormat object",
"id": "ALBClientLogStreamingFormat",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"format": {
"$ref": "ALBLogStreamingFormatType,
"description": "Format for the streamed logs. Enum options - LOG_STREAMING_FORMAT_JSON_FULL, LOG_STREAMING_FORMAT_JSON_SELECTED.",
"required": true,
"title": "Format"
},
"included_fields": {
"description": "List of log fields to be streamed, when selective fields (LOG_STREAMING_FORMAT_JSON_SELECTED) option is chosen. Only top-level fields in application or connection logs are supported.",
"items": {
"type": "string"
},
"required": false,
"title": "Included fields",
"type": "array"
}
},
"title": "ClientLogStreamingFormat",
"type": "object"
}
ALBClientLogStreamingProtocol (type)
{
"description": "Valid ENUM values for ALBClientLogStreamingProtocol",
"enum": [
"LOG_STREAMING_PROTOCOL_UDP",
"LOG_STREAMING_PROTOCOL_SYSLOG_OVER_UDP",
"LOG_STREAMING_PROTOCOL_TCP",
"LOG_STREAMING_PROTOCOL_SYSLOG_OVER_TCP",
"LOG_STREAMING_PROTOCOL_RAW_OVER_UDP",
"LOG_STREAMING_PROTOCOL_TLS",
"LOG_STREAMING_PROTOCOL_SYSLOG_OVER_TLS"
],
"id": "ALBClientLogStreamingProtocol",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "ClientLogStreamingProtocol type",
"type": "string"
}
ALBCloneServer (type)
{
"additionalProperties": false,
"description": "Advanced load balancer CloneServer object",
"id": "ALBCloneServer",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"ip_address": {
"$ref": "ALBIpAddr,
"description": "IP Address of the Clone Server.",
"required": false,
"title": "Ip address"
},
"mac": {
"description": "MAC Address of the Clone Server.",
"required": false,
"title": "Mac",
"type": "string"
},
"network_name": {
"description": "Network to clone the traffic to. It is a reference to an object of type Network.",
"required": false,
"title": "Network name",
"type": "string"
},
"subnet": {
"$ref": "ALBIpAddrPrefix,
"description": "Subnet of the network to clone the traffic to.",
"required": false,
"title": "Subnet"
}
},
"title": "CloneServer",
"type": "object"
}
ALBCloudType (type)
{
"description": "Valid ENUM values for ALBCloudType",
"enum": [
"CLOUD_NONE",
"CLOUD_VCENTER",
"CLOUD_OPENSTACK",
"CLOUD_AWS",
"CLOUD_VCA",
"CLOUD_APIC",
"CLOUD_MESOS",
"CLOUD_LINUXSERVER",
"CLOUD_DOCKER_UCP",
"CLOUD_RANCHER",
"CLOUD_OSHIFT_K8S",
"CLOUD_AZURE",
"CLOUD_GCP",
"CLOUD_NSXT"
],
"id": "ALBCloudType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "CloudType type",
"type": "string"
}
ALBComparisonOperator (type)
{
"description": "Valid ENUM values for ALBComparisonOperator",
"enum": [
"CO_EQ",
"CO_GT",
"CO_GE",
"CO_LT",
"CO_LE",
"CO_NE"
],
"id": "ALBComparisonOperator",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "ComparisonOperator type",
"type": "string"
}
ALBCompressionFilter (type)
{
"additionalProperties": false,
"description": "Advanced load balancer CompressionFilter object",
"id": "ALBCompressionFilter",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"devices_path": {
"description": "It is a reference to an object of type StringGroup.",
"required": false,
"title": "Devices path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBApplicationProfile"
],
"relationshipType": "ALB_APPLICATIONPROFILE_ALB_STRINGGROUP_RELATIONSHIP",
"rightType": [
"ALBStringGroup"
]
}
]
},
"index": {
"description": "Number of index.",
"required": true,
"title": "Index",
"type": "integer"
},
"ip_addr_prefixes": {
"description": "Placeholder for description of property ip_addr_prefixes of obj type CompressionFilter field type str type array.",
"items": {
"$ref": "ALBIpAddrPrefix
},
"required": false,
"title": "Ip addr prefixes",
"type": "array"
},
"ip_addr_ranges": {
"description": "Placeholder for description of property ip_addr_ranges of obj type CompressionFilter field type str type array.",
"items": {
"$ref": "ALBIpAddrRange
},
"required": false,
"title": "Ip addr ranges",
"type": "array"
},
"ip_addrs": {
"description": "Placeholder for description of property ip_addrs of obj type CompressionFilter field type str type array.",
"items": {
"$ref": "ALBIpAddr
},
"required": false,
"title": "Ip addrs",
"type": "array"
},
"ip_addrs_path": {
"description": "It is a reference to an object of type IpAddrGroup.",
"required": false,
"title": "Ip addrs path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBApplicationProfile"
],
"relationshipType": "ALB_APPLICATIONPROFILE_ALB_IPADDRGROUP_RELATIONSHIP",
"rightType": [
"ALBIpAddrGroup"
]
}
]
},
"level": {
"$ref": "ALBCompressionFilterLevel,
"default": "NORMAL_COMPRESSION",
"description": "Enum options - AGGRESSIVE_COMPRESSION, NORMAL_COMPRESSION, NO_COMPRESSION. Default value when not specified in API or module is interpreted by ALB Controller as NORMAL_COMPRESSION.",
"required": true,
"title": "Level"
},
"match": {
"$ref": "ALBMatchOperation,
"default": "IS_IN",
"description": "Whether to apply Filter when group criteria is matched or not. Enum options - IS_IN, IS_NOT_IN. Default value when not specified in API or module is interpreted by ALB Controller as IS_IN.",
"required": false,
"title": "Match"
},
"name": {
"description": "Name of the object.",
"required": true,
"title": "Name",
"type": "string"
},
"user_agent": {
"description": "Placeholder for description of property user_agent of obj type CompressionFilter field type str type array.",
"items": {
"type": "string"
},
"required": false,
"title": "User agent",
"type": "array"
}
},
"title": "CompressionFilter",
"type": "object"
}
ALBCompressionFilterLevel (type)
{
"description": "Valid ENUM values for ALBCompressionFilterLevel",
"enum": [
"AGGRESSIVE_COMPRESSION",
"NORMAL_COMPRESSION",
"NO_COMPRESSION"
],
"id": "ALBCompressionFilterLevel",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "CompressionFilterLevel type",
"type": "string"
}
ALBCompressionProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer CompressionProfile object",
"id": "ALBCompressionProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"compressible_content_path": {
"description": "Compress only content types listed in this string group. Content types not present in this list are not compressed. It is a reference to an object of type StringGroup.",
"required": false,
"title": "Compressible content path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBApplicationProfile"
],
"relationshipType": "ALB_APPLICATIONPROFILE_ALB_STRINGGROUP_RELATIONSHIP",
"rightType": [
"ALBStringGroup"
]
}
]
},
"compression": {
"default": false,
"description": "Compress HTTP response content if it wasn't already compressed. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": true,
"title": "Compression",
"type": "boolean"
},
"filter": {
"description": "Custom filters used when auto compression is not selected.",
"items": {
"$ref": "ALBCompressionFilter
},
"required": false,
"title": "Filter",
"type": "array"
},
"remove_accept_encoding_header": {
"default": true,
"description": "Offload compression from the servers to AVI. Saves compute cycles on the servers. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": true,
"title": "Remove accept encoding header",
"type": "boolean"
},
"type": {
"$ref": "ALBCompressionType,
"default": "AUTO_COMPRESSION",
"description": "Compress content automatically or add custom filters to define compressible content and compression levels. Enum options - AUTO_COMPRESSION, CUSTOM_COMPRESSION. Default value when not specified in API or module is interpreted by ALB Controller as AUTO_COMPRESSION.",
"required": true,
"title": "Type"
}
},
"title": "CompressionProfile",
"type": "object"
}
ALBCompressionType (type)
{
"description": "Valid ENUM values for ALBCompressionType",
"enum": [
"AUTO_COMPRESSION",
"CUSTOM_COMPRESSION"
],
"id": "ALBCompressionType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "CompressionType type",
"type": "string"
}
ALBCongestionAlgo (type)
{
"description": "Valid ENUM values for ALBCongestionAlgo",
"enum": [
"CC_ALGO_NEW_RENO",
"CC_ALGO_CUBIC",
"CC_ALGO_HTCP"
],
"id": "ALBCongestionAlgo",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "CongestionAlgo type",
"type": "string"
}
ALBConnPoolProperties (type)
{
"additionalProperties": false,
"description": "Advanced load balancer ConnPoolProperties object",
"id": "ALBConnPoolProperties",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"upstream_connpool_conn_idle_tmo": {
"default": 60000,
"description": "Connection idle timeout. Allowed in Basic(Allowed values- 60000) edition, Essentials(Allowed values- 60000) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 60000.",
"required": false,
"title": "Upstream connpool conn idle tmo",
"type": "integer"
},
"upstream_connpool_conn_life_tmo": {
"default": 600000,
"description": "Connection life timeout. Allowed in Basic(Allowed values- 600000) edition, Essentials(Allowed values- 600000) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 600000.",
"required": false,
"title": "Upstream connpool conn life tmo",
"type": "integer"
},
"upstream_connpool_conn_max_reuse": {
"default": 0,
"description": "Maximum number of times a connection can be reused. Special values are 0- 'unlimited'. Allowed in Basic(Allowed values- 0) edition, Essentials(Allowed values- 0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"required": false,
"title": "Upstream connpool conn max reuse",
"type": "integer"
},
"upstream_connpool_server_max_cache": {
"default": 0,
"description": "Maximum number of connections a server can cache. Special values are 0- 'unlimited'. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"required": false,
"title": "Upstream connpool server max cache",
"type": "integer"
}
},
"title": "ConnPoolProperties",
"type": "object"
}
ALBContentRewriteProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer ContentRewriteProfile object",
"id": "ALBContentRewriteProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"response_rewrite_enabled": {
"default": false,
"description": "Enable rewrite on response body. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Response rewrite enabled",
"type": "boolean"
},
"rewritable_content_path": {
"description": "Rewrite only content types listed in this string group. Content types not present in this list are not rewritten. It is a reference to an object of type StringGroup.",
"required": false,
"title": "Rewritable content path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBVirtualService"
],
"relationshipType": "ALB_VIRTUALSERVICE_ALB_STRINGGROUP_RELATIONSHIP",
"rightType": [
"ALBStringGroup"
]
}
]
},
"rsp_match_replace_pair": {
"description": "Strings to be matched and replaced with on the response body. This should be configured when response_rewrite_enabled is set to true.",
"items": {
"$ref": "ALBMatchReplacePair
},
"required": false,
"title": "Rsp match replace pair",
"type": "array"
}
},
"title": "ContentRewriteProfile",
"type": "object"
}
ALBControllerConfiguration (type)
{
"additionalProperties": false,
"description": "Alb Controller config details",
"id": "ALBControllerConfiguration",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"cluster_ip": {
"$ref": "IPAddress,
"description": "The cluster IP of the Advanced Load Balancer controller node cluster. This is mandatory parameter and required for single node controller deployments as well.",
"readonly": false,
"required": true,
"title": "Cluster IP of Advanced Load Balancer controller cluster"
},
"dns_servers": {
"description": "List of DNS servers.",
"items": {
"$ref": "IPv4Address
},
"required": false,
"title": "DNS servers.",
"type": "array"
},
"infra_admin_password": {
"description": "Password for the controller node admin user. For deployment, this property is required. The password specified must be at least 8 characters in length.",
"required": true,
"sensitive": true,
"title": "Advanced Load Balancer controller admin password",
"type": "string"
},
"infra_admin_username": {
"description": "Username for server authentication.",
"required": true,
"sensitive": true,
"title": "Username",
"type": "string"
},
"ntp_servers": {
"description": "List of NTP servers.",
"items": {
"$ref": "HostnameOrIPv4Address
},
"required": false,
"title": "NTP servers.",
"type": "array"
},
"owned_by": {
"description": "The policy initiates workflow by LCM/VCF",
"enum": [
"LCM",
"VCF"
],
"required": true,
"title": "owned_by",
"type": "string"
}
},
"title": "ALBControllerConfiguration",
"type": "object"
}
ALBControllerVersion (type)
{
"description": "ALB Controller Version",
"id": "ALBControllerVersion",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"alb_api_version": {
"description": "It is ALB API version supported by NSX-ALB.",
"title": "Alb API Version",
"type": "string"
},
"alb_controller_version": {
"description": "It is ALB Controller version deployed by NSX-ALB.",
"title": "Alb Controller Version",
"type": "string"
}
},
"title": "ALBControllerVersion",
"type": "object"
}
ALBCookieMatch (type)
{
"additionalProperties": false,
"description": "Advanced load balancer CookieMatch object",
"id": "ALBCookieMatch",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"match_case": {
"$ref": "ALBMatchCase,
"default": "INSENSITIVE",
"description": "Case sensitivity to use for the match. Enum options - SENSITIVE, INSENSITIVE. Default value when not specified in API or module is interpreted by ALB Controller as INSENSITIVE.",
"required": false,
"title": "Match case"
},
"match_criteria": {
"$ref": "ALBHdrMatchOperation,
"description": "Criterion to use for matching the cookie in the HTTP request. Enum options - HDR_EXISTS, HDR_DOES_NOT_EXIST, HDR_BEGINS_WITH, HDR_DOES_NOT_BEGIN_WITH, HDR_CONTAINS, HDR_DOES_NOT_CONTAIN, HDR_ENDS_WITH, HDR_DOES_NOT_END_WITH, HDR_EQUALS, HDR_DOES_NOT_EQUAL.",
"required": true,
"title": "Match criteria"
},
"name": {
"description": "Name of the cookie.",
"required": true,
"title": "Name",
"type": "string"
},
"value": {
"description": "String value in the cookie.",
"required": false,
"title": "Value",
"type": "string"
}
},
"title": "CookieMatch",
"type": "object"
}
ALBCustomParams (type)
{
"additionalProperties": false,
"description": "Advanced load balancer CustomParams object",
"id": "ALBCustomParams",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"is_dynamic": {
"default": false,
"description": "Placeholder for description of property is_dynamic of obj type CustomParams field type str type boolean. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Is dynamic",
"type": "boolean"
},
"is_sensitive": {
"default": false,
"description": "Placeholder for description of property is_sensitive of obj type CustomParams field type str type boolean. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Is sensitive",
"type": "boolean"
},
"name": {
"description": "Name of the object.",
"required": true,
"title": "Name",
"type": "string"
},
"value": {
"description": "value of CustomParams.",
"required": false,
"title": "Value",
"type": "string"
}
},
"title": "CustomParams",
"type": "object"
}
ALBDiscoveredNetwork (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DiscoveredNetwork object",
"id": "ALBDiscoveredNetwork",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"network_name": {
"description": "Discovered network for this IP. It is a reference to an object of type Network.",
"required": true,
"title": "Network name",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBPool"
],
"relationshipType": "NESTED_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
}
]
},
"subnet": {
"description": "Discovered subnet for this IP.",
"items": {
"$ref": "ALBIpAddrPrefix
},
"required": false,
"title": "Subnet",
"type": "array"
},
"subnet6": {
"description": "Discovered IPv6 subnet for this IP.",
"items": {
"$ref": "ALBIpAddrPrefix
},
"required": false,
"title": "Subnet6",
"type": "array"
}
},
"title": "DiscoveredNetwork",
"type": "object"
}
ALBDnsAAAARdata (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DnsAAAARdata object",
"id": "ALBDnsAAAARdata",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"ip6_address": {
"$ref": "ALBIpAddr,
"description": "IPv6 address for FQDN.",
"required": true,
"title": "Ip6 address"
}
},
"title": "DnsAAAARdata",
"type": "object"
}
ALBDnsARdata (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DnsARdata object",
"id": "ALBDnsARdata",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"ip_address": {
"$ref": "ALBIpAddr,
"description": "IP address for FQDN.",
"required": true,
"title": "Ip address"
}
},
"title": "DnsARdata",
"type": "object"
}
ALBDnsAttack (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DnsAttack object",
"id": "ALBDnsAttack",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"attack_vector": {
"$ref": "ALBDnsAttackVector,
"description": "The DNS attack vector. Enum options - DNS_REFLECTION, DNS_NXDOMAIN, DNS_AMPLIFICATION_EGRESS.",
"required": true,
"title": "Attack vector"
},
"enabled": {
"default": true,
"description": "Enable or disable the mitigation of the attack vector. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Enabled",
"type": "boolean"
},
"max_mitigation_age": {
"default": 60,
"description": "Time in minutes after which mitigation will be deactivated. Allowed values are 1-4294967295. Special values are 0- 'blocked for ever'. Unit is MIN. Default value when not specified in API or module is interpreted by ALB Controller as 60.",
"maximum": 4294967295,
"minimum": 0,
"required": false,
"title": "Max mitigation age",
"type": "integer"
},
"mitigation_action": {
"$ref": "ALBAttackMitigationAction,
"description": "Mitigation action to perform for this DNS attack vector.",
"required": false,
"title": "Mitigation action"
},
"threshold": {
"description": "Threshold, in terms of DNS packet per second, for the DNS attack vector.",
"required": false,
"title": "Threshold",
"type": "integer"
}
},
"title": "DnsAttack",
"type": "object"
}
ALBDnsAttackVector (type)
{
"description": "Valid ENUM values for ALBDnsAttackVector",
"enum": [
"DNS_REFLECTION",
"DNS_NXDOMAIN",
"DNS_AMPLIFICATION_EGRESS"
],
"id": "ALBDnsAttackVector",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "DnsAttackVector type",
"type": "string"
}
ALBDnsAttacks (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DnsAttacks object",
"id": "ALBDnsAttacks",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"attacks": {
"description": "Mode of dealing with the attacks - perform detection only, or detect and mitigate the attacks.",
"items": {
"$ref": "ALBDnsAttack
},
"required": false,
"title": "Attacks",
"type": "array"
},
"oper_mode": {
"$ref": "ALBOperationMode,
"description": "Mode of dealing with the attacks - perform detection only, or detect and mitigate the attacks. Enum options - DETECTION, MITIGATION.",
"required": false,
"title": "Oper mode"
}
},
"title": "DnsAttacks",
"type": "object"
}
ALBDnsClientIpMatch (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DnsClientIpMatch object",
"id": "ALBDnsClientIpMatch",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"client_ip": {
"$ref": "ALBIpAddrMatch,
"description": "IP addresses to match against client IP.",
"required": true,
"title": "Client ip"
},
"use_edns_client_subnet_ip": {
"default": true,
"description": "Use the IP address from the EDNS client subnet option, if available, as the source IP address of the client. It should be noted that the edns subnet IP may not be a /32 IP address. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Use edns client subnet ip",
"type": "boolean"
}
},
"title": "DnsClientIpMatch",
"type": "object"
}
ALBDnsCnameRdata (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DnsCnameRdata object",
"id": "ALBDnsCnameRdata",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"cname": {
"description": "Canonical name.",
"required": true,
"title": "Cname",
"type": "string"
}
},
"title": "DnsCnameRdata",
"type": "object"
}
ALBDnsErrorResponseType (type)
{
"description": "Valid ENUM values for ALBDnsErrorResponseType",
"enum": [
"DNS_ERROR_RESPONSE_ERROR",
"DNS_ERROR_RESPONSE_NONE"
],
"id": "ALBDnsErrorResponseType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "DnsErrorResponseType type",
"type": "string"
}
ALBDnsGeoLocationMatch (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DnsGeoLocationMatch object",
"id": "ALBDnsGeoLocationMatch",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"geolocation_name": {
"description": "Geographical location of the client IP to be used in the match. This location is of the format Country/State/City e.g. US/CA/Santa Clara.",
"required": false,
"title": "Geolocation name",
"type": "string"
},
"geolocation_tag": {
"description": "Geolocation tag for the client IP. This could be any string value for the client IP, e.g. client IPs from US East Coast geolocation would be tagged as 'East Coast'.",
"required": false,
"title": "Geolocation tag",
"type": "string"
},
"match_criteria": {
"$ref": "ALBMatchOperation,
"description": "Criterion to use for matching the client IP's geographical location. Enum options - IS_IN, IS_NOT_IN.",
"required": true,
"title": "Match criteria"
},
"use_edns_client_subnet_ip": {
"default": true,
"description": "Use the IP address from the EDNS client subnet option, if available, to derive geo location of the DNS query. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Use edns client subnet ip",
"type": "boolean"
}
},
"title": "DnsGeoLocationMatch",
"type": "object"
}
ALBDnsInfo (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DnsInfo object",
"id": "ALBDnsInfo",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"algorithm": {
"$ref": "ALBDnsRecordResponseAlgorithm,
"default": "DNS_RECORD_RESPONSE_CONSISTENT_HASH",
"description": "Specifies the algorithm to pick the IP address(es) to be returned, when multiple entries are configured. This does not apply if num_records_in_response is 0. Default is consistent hash. Enum options - DNS_RECORD_RESPONSE_ROUND_ROBIN, DNS_RECORD_RESPONSE_CONSISTENT_HASH. Default value when not specified in API or module is interpreted by ALB Controller as DNS_RECORD_RESPONSE_CONSISTENT_HASH.",
"required": false,
"title": "Algorithm"
},
"cname": {
"$ref": "ALBDnsCnameRdata,
"description": "Canonical name in CNAME record.",
"required": false,
"title": "Cname"
},
"fqdn": {
"description": "Fully qualified domain name.",
"required": false,
"title": "Fqdn",
"type": "string"
},
"metadata": {
"description": "Any metadata associated with this record.",
"required": false,
"title": "Metadata",
"type": "string"
},
"num_records_in_response": {
"description": "Specifies the number of records returned for this FQDN. Enter 0 to return all records. Default is 0. Allowed values are 0-20. Special values are 0- 'Return all records'.",
"maximum": 20,
"minimum": 0,
"required": false,
"title": "Num records in response",
"type": "integer"
},
"ttl": {
"description": "Time to live for fqdn record. Default value is chosen from DNS profile for this cloud if no value provided.",
"required": false,
"title": "Ttl",
"type": "integer"
},
"type": {
"$ref": "ALBDnsRecordType,
"default": "DNS_RECORD_A",
"description": "DNS record type. Enum options - DNS_RECORD_OTHER, DNS_RECORD_A, DNS_RECORD_NS, DNS_RECORD_CNAME, DNS_RECORD_SOA, DNS_RECORD_PTR, DNS_RECORD_HINFO, DNS_RECORD_MX, DNS_RECORD_TXT, DNS_RECORD_RP, DNS_RECORD_DNSKEY, DNS_RECORD_AAAA, DNS_RECORD_SRV, DNS_RECORD_OPT, DNS_RECORD_RRSIG, DNS_RECORD_AXFR, DNS_RECORD_ANY. Default value when not specified in API or module is interpreted by ALB Controller as DNS_RECORD_A.",
"required": false,
"title": "Type"
}
},
"title": "DnsInfo",
"type": "object"
}
ALBDnsMessageSection (type)
{
"description": "Valid ENUM values for ALBDnsMessageSection",
"enum": [
"DNS_MESSAGE_SECTION_QUESTION",
"DNS_MESSAGE_SECTION_ANSWER",
"DNS_MESSAGE_SECTION_AUTHORITY",
"DNS_MESSAGE_SECTION_ADDITIONAL"
],
"id": "ALBDnsMessageSection",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "DnsMessageSection type",
"type": "string"
}
ALBDnsMxRdata (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DnsMxRdata object",
"id": "ALBDnsMxRdata",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"host": {
"description": "Fully qualified domain name of a mailserver. The host name maps directly to one or more address records in the DNS table, and must not point to any CNAME records (RFC 2181).",
"required": true,
"title": "Host",
"type": "string"
},
"priority": {
"description": "The priority field identifies which mail server should be preferred. Allowed values are 0-65535.",
"maximum": 65535,
"minimum": 0,
"required": true,
"title": "Priority",
"type": "integer"
}
},
"title": "DnsMxRdata",
"type": "object"
}
ALBDnsNsRdata (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DnsNsRdata object",
"id": "ALBDnsNsRdata",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"ip6_address": {
"$ref": "ALBIpAddr,
"description": "IPv6 address for Name Server.",
"required": false,
"title": "Ip6 address"
},
"ip_address": {
"$ref": "ALBIpAddr,
"description": "IP address for Name Server.",
"required": false,
"title": "Ip address"
},
"nsname": {
"description": "Name Server name.",
"required": true,
"title": "Nsname",
"type": "string"
}
},
"title": "DnsNsRdata",
"type": "object"
}
ALBDnsPolicies (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DnsPolicies object",
"id": "ALBDnsPolicies",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"dns_policy_path": {
"description": "path of the dns policy. It is a reference to an object of type DnsPolicy.",
"required": true,
"title": "Dns policy path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBVirtualService"
],
"relationshipType": "ALB_VIRTUALSERVICE_ALB_DNSPOLICY_RELATIONSHIP",
"rightType": [
"ALBDnsPolicy"
]
}
]
},
"index": {
"description": "Index of the dns policy.",
"required": true,
"title": "Index",
"type": "integer"
}
},
"title": "DnsPolicies",
"type": "object"
}
ALBDnsPolicy (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DnsPolicy object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBDnsPolicy",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"created_by": {
"description": "Creator name.",
"required": false,
"title": "Created by",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule": {
"description": "DNS rules.",
"items": {
"$ref": "ALBDnsRule
},
"required": false,
"title": "Rule",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "DnsPolicy",
"type": "object"
}
ALBDnsPolicyApiResponse (type)
{
"additionalProperties": false,
"description": "DnsPolicyApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBDnsPolicyApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of DnsPolicy",
"items": {
"$ref": "ALBDnsPolicy
},
"required": false,
"title": "Array of DnsPolicy",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "DnsPolicyApiResponse",
"type": "object"
}
ALBDnsQueryNameMatch (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DnsQueryNameMatch object",
"id": "ALBDnsQueryNameMatch",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"match_criteria": {
"$ref": "ALBStringOperation,
"description": "Criterion to use for string matching the DNS query domain name in the question section. Enum options - BEGINS_WITH, DOES_NOT_BEGIN_WITH, CONTAINS, DOES_NOT_CONTAIN, ENDS_WITH, DOES_NOT_END_WITH, EQUALS, DOES_NOT_EQUAL, REGEX_MATCH, REGEX_DOES_NOT_MATCH. Allowed in Basic(Allowed values- BEGINS_WITH,DOES_NOT_BEGIN_WITH,CONTAINS,DOES_NOT_CONTAIN,ENDS_WITH,DOES_NOT_END_WITH,EQUALS,DOES_NOT_EQUAL) edition, Essentials(Allowed values- BEGINS_WITH,DOES_NOT_BEGIN_WITH,CONTAINS,DOES_NOT_CONTAIN,ENDS_WITH,DOES_NOT_END_WITH,EQUALS,DOES_NOT_EQUAL) edition, Enterprise edition.",
"required": true,
"title": "Match criteria"
},
"query_domain_names": {
"description": "Domain name to match against that specified in the question section of the DNS query.",
"items": {
"type": "string"
},
"required": false,
"title": "Query domain names",
"type": "array"
},
"string_group_paths": {
"description": "path of the string group(s) for matching against DNS query domain name in the question section. It is a reference to an object of type StringGroup.",
"items": {
"type": "string"
},
"required": false,
"title": "String group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBDnsPolicy"
],
"relationshipType": "ALB_DNSPOLICY_ALB_STRINGGROUP_RELATIONSHIP",
"rightType": [
"ALBStringGroup"
]
}
]
}
},
"title": "DnsQueryNameMatch",
"type": "object"
}
ALBDnsQueryTypeMatch (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DnsQueryTypeMatch object",
"id": "ALBDnsQueryTypeMatch",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"match_criteria": {
"$ref": "ALBMatchOperation,
"description": "Criterion to use for matching the DNS query typein the question section. Enum options - IS_IN, IS_NOT_IN.",
"required": true,
"title": "Match criteria"
},
"query_type": {
"description": "DNS query types in the request query. Enum options - DNS_RECORD_OTHER, DNS_RECORD_A, DNS_RECORD_NS, DNS_RECORD_CNAME, DNS_RECORD_SOA, DNS_RECORD_PTR, DNS_RECORD_HINFO, DNS_RECORD_MX, DNS_RECORD_TXT, DNS_RECORD_RP, DNS_RECORD_DNSKEY, DNS_RECORD_AAAA, DNS_RECORD_SRV, DNS_RECORD_OPT, DNS_RECORD_RRSIG, DNS_RECORD_AXFR, DNS_RECORD_ANY.",
"items": {
"$ref": "ALBDnsRecordType
},
"required": false,
"title": "Query type",
"type": "array"
}
},
"title": "DnsQueryTypeMatch",
"type": "object"
}
ALBDnsRateLimiter (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DnsRateLimiter object",
"id": "ALBDnsRateLimiter",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"action": {
"$ref": "ALBDnsRuleRLAction,
"description": "Action to perform upon rate limiting.",
"required": true,
"title": "Action"
},
"rate_limiter_object": {
"$ref": "ALBRateLimiter,
"description": "Rate limiting object.",
"required": true,
"title": "Rate limiter object"
}
},
"title": "DnsRateLimiter",
"type": "object"
}
ALBDnsRcode (type)
{
"description": "Valid ENUM values for ALBDnsRcode",
"enum": [
"DNS_RCODE_NOERROR",
"DNS_RCODE_FORMERR",
"DNS_RCODE_SERVFAIL",
"DNS_RCODE_NXDOMAIN",
"DNS_RCODE_NOTIMP",
"DNS_RCODE_REFUSED",
"DNS_RCODE_YXDOMAIN",
"DNS_RCODE_YXRRSET",
"DNS_RCODE_NXRRSET",
"DNS_RCODE_NOTAUTH",
"DNS_RCODE_NOTZONE"
],
"id": "ALBDnsRcode",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "DnsRcode type",
"type": "string"
}
ALBDnsRecord (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DnsRecord object",
"id": "ALBDnsRecord",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"algorithm": {
"$ref": "ALBDnsRecordResponseAlgorithm,
"default": "DNS_RECORD_RESPONSE_ROUND_ROBIN",
"description": "Specifies the algorithm to pick the IP address(es) to be returned, when multiple entries are configured. This does not apply if num_records_in_response is 0. Default is round-robin. Enum options - DNS_RECORD_RESPONSE_ROUND_ROBIN, DNS_RECORD_RESPONSE_CONSISTENT_HASH. Default value when not specified in API or module is interpreted by ALB Controller as DNS_RECORD_RESPONSE_ROUND_ROBIN.",
"required": false,
"title": "Algorithm"
},
"cname": {
"$ref": "ALBDnsCnameRdata,
"description": "Canonical name in CNAME record.",
"required": false,
"title": "Cname"
},
"delegated": {
"default": false,
"description": "Configured FQDNs are delegated domains (i.e. they represent a zone cut). Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Delegated",
"type": "boolean"
},
"description": {
"description": "Details of DNS record.",
"required": false,
"title": "Description",
"type": "string"
},
"fqdn": {
"description": "Fully Qualified Domain Name. Minimum of 1 items required.",
"items": {
"type": "string"
},
"required": true,
"title": "Fqdn",
"type": "array"
},
"ip6_address": {
"description": "IPv6 address in AAAA record. Maximum of 4 items allowed.",
"items": {
"$ref": "ALBDnsAAAARdata
},
"required": false,
"title": "Ip6 address",
"type": "array"
},
"ip_address": {
"description": "IP address in A record. Maximum of 4 items allowed.",
"items": {
"$ref": "ALBDnsARdata
},
"required": false,
"title": "Ip address",
"type": "array"
},
"metadata": {
"description": "Internal metadata for the DNS record.",
"required": false,
"title": "Metadata",
"type": "string"
},
"mx_records": {
"description": "MX record. Maximum of 4 items allowed.",
"items": {
"$ref": "ALBDnsMxRdata
},
"required": false,
"title": "Mx records",
"type": "array"
},
"ns": {
"description": "Name Server information in NS record. Maximum of 13 items allowed.",
"items": {
"$ref": "ALBDnsNsRdata
},
"required": false,
"title": "Ns",
"type": "array"
},
"num_records_in_response": {
"default": 0,
"description": "Specifies the number of records returned by the DNS service. Enter 0 to return all records. Default is 0. Allowed values are 0-20. Special values are 0- 'Return all records'. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"maximum": 20,
"minimum": 0,
"required": false,
"title": "Num records in response",
"type": "integer"
},
"service_locator": {
"description": "Service locator info in SRV record. Maximum of 4 items allowed.",
"items": {
"$ref": "ALBDnsSrvRdata
},
"required": false,
"title": "Service locator",
"type": "array"
},
"ttl": {
"description": "Time To Live for this DNS record.",
"required": false,
"title": "Ttl",
"type": "integer"
},
"txt_records": {
"description": "Text record. Maximum of 4 items allowed.",
"items": {
"$ref": "ALBDnsTxtRdata
},
"required": false,
"title": "Txt records",
"type": "array"
},
"type": {
"$ref": "ALBDnsRecordType,
"description": "DNS record type. Enum options - DNS_RECORD_OTHER, DNS_RECORD_A, DNS_RECORD_NS, DNS_RECORD_CNAME, DNS_RECORD_SOA, DNS_RECORD_PTR, DNS_RECORD_HINFO, DNS_RECORD_MX, DNS_RECORD_TXT, DNS_RECORD_RP, DNS_RECORD_DNSKEY, DNS_RECORD_AAAA, DNS_RECORD_SRV, DNS_RECORD_OPT, DNS_RECORD_RRSIG, DNS_RECORD_AXFR, DNS_RECORD_ANY.",
"required": true,
"title": "Type"
},
"wildcard_match": {
"default": false,
"description": "Enable wild-card match of fqdn if an exact match is not found in the DNS table, the longest match is chosen by wild-carding the fqdn in the DNS request. Default is false. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Wildcard match",
"type": "boolean"
}
},
"title": "DnsRecord",
"type": "object"
}
ALBDnsRecordResponseAlgorithm (type)
{
"description": "Valid ENUM values for ALBDnsRecordResponseAlgorithm",
"enum": [
"DNS_RECORD_RESPONSE_ROUND_ROBIN",
"DNS_RECORD_RESPONSE_CONSISTENT_HASH"
],
"id": "ALBDnsRecordResponseAlgorithm",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "DnsRecordResponseAlgorithm type",
"type": "string"
}
ALBDnsRecordType (type)
{
"description": "Valid ENUM values for ALBDnsRecordType",
"enum": [
"DNS_RECORD_OTHER",
"DNS_RECORD_A",
"DNS_RECORD_NS",
"DNS_RECORD_CNAME",
"DNS_RECORD_SOA",
"DNS_RECORD_PTR",
"DNS_RECORD_HINFO",
"DNS_RECORD_MX",
"DNS_RECORD_TXT",
"DNS_RECORD_RP",
"DNS_RECORD_DNSKEY",
"DNS_RECORD_AAAA",
"DNS_RECORD_SRV",
"DNS_RECORD_OPT",
"DNS_RECORD_RRSIG",
"DNS_RECORD_AXFR",
"DNS_RECORD_ANY"
],
"id": "ALBDnsRecordType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "DnsRecordType type",
"type": "string"
}
ALBDnsRrSet (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DnsRrSet object",
"id": "ALBDnsRrSet",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"cname": {
"$ref": "ALBDnsCnameRdata,
"description": "Canonical name in CNAME record.",
"required": false,
"title": "Cname"
},
"fqdn": {
"description": "Fully Qualified Domain Name.",
"required": true,
"title": "Fqdn",
"type": "string"
},
"ip6_addresses": {
"description": "IPv6 address in AAAA record.",
"items": {
"$ref": "ALBDnsAAAARdata
},
"required": false,
"title": "Ip6 addresses",
"type": "array"
},
"ip_addresses": {
"description": "IP address in A record.",
"items": {
"$ref": "ALBDnsARdata
},
"required": false,
"title": "Ip addresses",
"type": "array"
},
"nses": {
"description": "Name Server information in NS record.",
"items": {
"$ref": "ALBDnsNsRdata
},
"required": false,
"title": "Nses",
"type": "array"
},
"ttl": {
"description": "Time To Live for this DNS record. Allowed values are 0-2147483647.",
"maximum": 2147483647,
"minimum": 0,
"required": true,
"title": "Ttl",
"type": "integer"
},
"type": {
"$ref": "ALBDnsRecordType,
"description": "DNS record type. Enum options - DNS_RECORD_OTHER, DNS_RECORD_A, DNS_RECORD_NS, DNS_RECORD_CNAME, DNS_RECORD_SOA, DNS_RECORD_PTR, DNS_RECORD_HINFO, DNS_RECORD_MX, DNS_RECORD_TXT, DNS_RECORD_RP, DNS_RECORD_DNSKEY, DNS_RECORD_AAAA, DNS_RECORD_SRV, DNS_RECORD_OPT, DNS_RECORD_RRSIG, DNS_RECORD_AXFR, DNS_RECORD_ANY.",
"required": true,
"title": "Type"
}
},
"title": "DnsRrSet",
"type": "object"
}
ALBDnsRule (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DnsRule object",
"id": "ALBDnsRule",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"action": {
"$ref": "ALBDnsRuleAction,
"description": "Action to be performed upon successful matching.",
"required": false,
"title": "Action"
},
"enable": {
"default": true,
"description": "Enable or disable the rule. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Enable",
"type": "boolean"
},
"index": {
"description": "Index of the rule.",
"required": true,
"title": "Index",
"type": "integer"
},
"log": {
"description": "Log DNS query upon rule match.",
"required": false,
"title": "Log",
"type": "boolean"
},
"match": {
"$ref": "ALBDnsRuleMatchTarget,
"description": "Add match criteria to the rule.",
"required": false,
"title": "Match"
},
"name": {
"description": "Name of the rule.",
"required": true,
"title": "Name",
"type": "string"
}
},
"title": "DnsRule",
"type": "object"
}
ALBDnsRuleAction (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DnsRuleAction object",
"id": "ALBDnsRuleAction",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"allow": {
"$ref": "ALBDnsRuleActionAllowDrop,
"description": "Allow or drop the DNS query.",
"required": false,
"title": "Allow"
},
"dns_rate_limiter": {
"$ref": "ALBDnsRateLimiter,
"description": "Rate limits the DNS requests.",
"required": false,
"title": "Dns rate limiter"
},
"gslb_site_selection": {
"$ref": "ALBDnsRuleActionGslbSiteSelection,
"description": "Select a specific GSLB site for the DNS query. This action should be used only when GSLB services have been configured for the DNS virtual service.",
"required": false,
"title": "Gslb site selection"
},
"pool_switching": {
"$ref": "ALBDnsRuleActionPoolSwitching,
"description": "Select a pool or pool group for the passthrough DNS query which cannot be served locally but could be served by upstream servers.",
"required": false,
"title": "Pool switching"
},
"response": {
"$ref": "ALBDnsRuleActionResponse,
"description": "Generate a response for the DNS query.",
"required": false,
"title": "Response"
}
},
"title": "DnsRuleAction",
"type": "object"
}
ALBDnsRuleActionAllowDrop (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DnsRuleActionAllowDrop object",
"id": "ALBDnsRuleActionAllowDrop",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"allow": {
"default": true,
"description": "Allow the DNS query. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Allow",
"type": "boolean"
},
"reset_conn": {
"default": true,
"description": "Reset the TCP connection of the DNS query, if allow is set to false to drop the query. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Reset conn",
"type": "boolean"
}
},
"title": "DnsRuleActionAllowDrop",
"type": "object"
}
ALBDnsRuleActionGslbSiteSelection (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DnsRuleActionGslbSiteSelection object",
"id": "ALBDnsRuleActionGslbSiteSelection",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"fallback_site_names": {
"description": "GSLB fallback sites to use in case the desired site is down. Maximum of 64 items allowed.",
"items": {
"type": "string"
},
"required": false,
"title": "Fallback site names",
"type": "array"
},
"is_site_preferred": {
"default": true,
"description": "When set to true, GSLB site is a preferred site. This setting comes into play when the site is down, as well as no configured fallback site is available (all fallback sites are also down), then any one available site is selected based on the default algorithm for GSLB pool member selection. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Is site preferred",
"type": "boolean"
},
"site_name": {
"description": "GSLB site name.",
"required": true,
"title": "Site name",
"type": "string"
}
},
"title": "DnsRuleActionGslbSiteSelection",
"type": "object"
}
ALBDnsRuleActionPoolSwitching (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DnsRuleActionPoolSwitching object",
"id": "ALBDnsRuleActionPoolSwitching",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"pool_group_path": {
"description": "Reference of the pool group to serve the passthrough DNS query which cannot be served locally. It is a reference to an object of type PoolGroup.",
"required": false,
"title": "Pool group path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBDnsPolicy"
],
"relationshipType": "ALB_DNSPOLICY_ALB_POOLGROUP_RELATIONSHIP",
"rightType": [
"ALBPoolGroup"
]
}
]
},
"pool_path": {
"description": "Reference of the pool to serve the passthrough DNS query which cannot be served locally. It is a reference to an object of type Pool.",
"required": false,
"title": "Pool path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBDnsPolicy"
],
"relationshipType": "ALB_DNSPOLICY_ALB_POOL_RELATIONSHIP",
"rightType": [
"ALBPool"
]
}
]
}
},
"title": "DnsRuleActionPoolSwitching",
"type": "object"
}
ALBDnsRuleActionResponse (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DnsRuleActionResponse object",
"id": "ALBDnsRuleActionResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"authoritative": {
"default": true,
"description": "DNS response is authoritative. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Authoritative",
"type": "boolean"
},
"rcode": {
"$ref": "ALBDnsRcode,
"default": "DNS_RCODE_NOERROR",
"description": "DNS response code. Enum options - DNS_RCODE_NOERROR, DNS_RCODE_FORMERR, DNS_RCODE_SERVFAIL, DNS_RCODE_NXDOMAIN, DNS_RCODE_NOTIMP, DNS_RCODE_REFUSED, DNS_RCODE_YXDOMAIN, DNS_RCODE_YXRRSET, DNS_RCODE_NXRRSET, DNS_RCODE_NOTAUTH, DNS_RCODE_NOTZONE. Default value when not specified in API or module is interpreted by ALB Controller as DNS_RCODE_NOERROR.",
"required": false,
"title": "Rcode"
},
"resource_record_sets": {
"description": "DNS resource record sets - (resource record set share the DNS domain name, type, and class).",
"items": {
"$ref": "ALBDnsRuleDnsRrSet
},
"required": false,
"title": "Resource record sets",
"type": "array"
},
"truncation": {
"default": false,
"description": "DNS response is truncated. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Truncation",
"type": "boolean"
}
},
"title": "DnsRuleActionResponse",
"type": "object"
}
ALBDnsRuleDnsRrSet (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DnsRuleDnsRrSet object",
"id": "ALBDnsRuleDnsRrSet",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"resource_record_set": {
"$ref": "ALBDnsRrSet,
"description": "DNS resource record set - (records in the resource record set share the DNS domain name, type, and class).",
"required": true,
"title": "Resource record set"
},
"section": {
"$ref": "ALBDnsMessageSection,
"default": "DNS_MESSAGE_SECTION_ANSWER",
"description": "DNS message section for the resource record set. Enum options - DNS_MESSAGE_SECTION_QUESTION, DNS_MESSAGE_SECTION_ANSWER, DNS_MESSAGE_SECTION_AUTHORITY, DNS_MESSAGE_SECTION_ADDITIONAL. Default value when not specified in API or module is interpreted by ALB Controller as DNS_MESSAGE_SECTION_ANSWER.",
"required": false,
"title": "Section"
}
},
"title": "DnsRuleDnsRrSet",
"type": "object"
}
ALBDnsRuleMatchTarget (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DnsRuleMatchTarget object",
"id": "ALBDnsRuleMatchTarget",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"client_ip_address": {
"$ref": "ALBDnsClientIpMatch,
"description": "IP addresses to match against client IP or the EDNS client subnet IP.",
"required": false,
"title": "Client ip address"
},
"geo_location": {
"$ref": "ALBDnsGeoLocationMatch,
"description": "Geographical location attribute to match against that of the client IP.",
"required": false,
"title": "Geo location"
},
"protocol": {
"$ref": "ALBDnsTransportProtocolMatch,
"description": "DNS transport protocol match.",
"required": false,
"title": "Protocol"
},
"query_name": {
"$ref": "ALBDnsQueryNameMatch,
"description": "Domain names to match against query name.",
"required": false,
"title": "Query name"
},
"query_type": {
"$ref": "ALBDnsQueryTypeMatch,
"description": "DNS query types to match against request query type.",
"required": false,
"title": "Query type"
}
},
"title": "DnsRuleMatchTarget",
"type": "object"
}
ALBDnsRuleRLAction (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DnsRuleRLAction object",
"id": "ALBDnsRuleRLAction",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"type": {
"$ref": "ALBDnsRuleRLActionType,
"default": "DNS_RL_ACTION_NONE",
"description": "Type of action to be enforced upon hitting the rate limit. Enum options - DNS_RL_ACTION_NONE, DNS_RL_ACTION_DROP_REQ. Default value when not specified in API or module is interpreted by ALB Controller as DNS_RL_ACTION_NONE.",
"required": false,
"title": "Type"
}
},
"title": "DnsRuleRLAction",
"type": "object"
}
ALBDnsRuleRLActionType (type)
{
"description": "Valid ENUM values for ALBDnsRuleRLActionType",
"enum": [
"DNS_RL_ACTION_NONE",
"DNS_RL_ACTION_DROP_REQ"
],
"id": "ALBDnsRuleRLActionType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "DnsRuleRLActionType type",
"type": "string"
}
ALBDnsServiceApplicationProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DnsServiceApplicationProfile object",
"id": "ALBDnsServiceApplicationProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"aaaa_empty_response": {
"default": true,
"description": "Respond to AAAA queries with empty response when there are only IPV4 records. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Aaaa empty response",
"type": "boolean"
},
"admin_email": {
"default": "hostmaster",
"description": "Email address of the administrator responsible for this zone. This field is used in SOA records (rname) pertaining to all domain names specified as authoritative domain names. If not configured, the default value 'hostmaster' is used in SOA responses. Default value when not specified in API or module is interpreted by ALB Controller as hostmaster.",
"required": false,
"title": "Admin email",
"type": "string"
},
"dns_over_tcp_enabled": {
"default": true,
"description": "Enable DNS query/response over TCP. This enables analytics for pass-through queries as well. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Dns over tcp enabled",
"type": "boolean"
},
"dns_zones": {
"description": "DNS zones hosted on this Virtual Service. Maximum of 100 items allowed.",
"items": {
"$ref": "ALBDnsZone
},
"required": false,
"title": "Dns zones",
"type": "array"
},
"domain_names": {
"description": "Subdomain names serviced by this Virtual Service. These are configured as Ends-With semantics. Maximum of 100 items allowed.",
"items": {
"type": "string"
},
"required": false,
"title": "Domain names",
"type": "array"
},
"ecs_stripping_enabled": {
"default": true,
"description": "Enable stripping of EDNS client subnet (ecs) option towards client if DNS service inserts ecs option in the DNS query towards upstream servers. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Ecs stripping enabled",
"type": "boolean"
},
"edns": {
"default": true,
"description": "Enable DNS service to be aware of EDNS (Extension mechanism for DNS). EDNS extensions are parsed and shown in logs. For GSLB services, the EDNS client subnet option can be used to influence Load Balancing. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Edns",
"type": "boolean"
},
"edns_client_subnet_prefix_len": {
"description": "Specifies the IP address prefix length to use in the EDNS client subnet (ECS) option. When the incoming request does not have any ECS option and the prefix length is specified, an ECS option is inserted in the request passed to upstream server. If the incoming request already has an ECS option, the prefix length (and correspondingly the address) in the ECS option is updated, with the minimum of the prefix length present in the incoming and the configured prefix length, before passing the request to upstream server. Allowed values are 1-32.",
"maximum": 32,
"minimum": 1,
"required": false,
"title": "Edns client subnet prefix len",
"type": "integer"
},
"error_response": {
"$ref": "ALBDnsErrorResponseType,
"default": "DNS_ERROR_RESPONSE_NONE",
"description": "Drop or respond to client when the DNS service encounters an error processing a client query. By default, such a request is dropped without any response, or passed through to a passthrough pool, if configured. When set to respond, an appropriate response is sent to client, e.g. NXDOMAIN response for non-existent records, empty NOERROR response for unsupported queries, etc. Enum options - DNS_ERROR_RESPONSE_ERROR, DNS_ERROR_RESPONSE_NONE. Default value when not specified in API or module is interpreted by ALB Controller as DNS_ERROR_RESPONSE_NONE.",
"required": false,
"title": "Error response"
},
"name_server": {
"description": "The <domain-name> of the name server that was the original or primary source of data for this zone. This field is used in SOA records (mname) pertaining to all domain names specified as authoritative domain names. If not configured, domain name is used as name server in SOA response.",
"required": false,
"title": "Name server",
"type": "string"
},
"negative_caching_ttl": {
"default": 30,
"description": "Specifies the TTL value (in seconds) for SOA (Start of Authority) (corresponding to a authoritative domain owned by this DNS Virtual Service) record's minimum TTL served by the DNS Virtual Service. Allowed values are 0-86400. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 30.",
"maximum": 86400,
"minimum": 0,
"required": false,
"title": "Negative caching ttl",
"type": "integer"
},
"num_dns_ip": {
"default": 1,
"description": "Specifies the number of IP addresses returned by the DNS Service. Enter 0 to return all IP addresses. Allowed values are 1-20. Special values are 0- 'Return all IP addresses'. Default value when not specified in API or module is interpreted by ALB Controller as 1.",
"maximum": 20,
"minimum": 0,
"required": false,
"title": "Num dns ip",
"type": "integer"
},
"ttl": {
"default": 30,
"description": "Specifies the TTL value (in seconds) for records served by DNS Service. Allowed values are 0-86400. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 30.",
"maximum": 86400,
"minimum": 0,
"required": false,
"title": "Ttl",
"type": "integer"
}
},
"title": "DnsServiceApplicationProfile",
"type": "object"
}
ALBDnsSrvRdata (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DnsSrvRdata object",
"id": "ALBDnsSrvRdata",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"port": {
"description": "Service port. Allowed values are 0-65535.",
"maximum": 65535,
"minimum": 0,
"required": true,
"title": "Port",
"type": "integer"
},
"priority": {
"default": 0,
"description": "Priority of the target hosting the service, low value implies higher priority for this service record. Allowed values are 0-65535. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Priority",
"type": "integer"
},
"target": {
"default": "default.host",
"description": "Canonical hostname, of the machine hosting the service, with no trailing period. 'default.host' is valid but not 'default.host.'. Default value when not specified in API or module is interpreted by ALB Controller as default.host.",
"required": false,
"title": "Target",
"type": "string"
},
"weight": {
"default": 0,
"description": "Relative weight for service records with same priority, high value implies higher preference for this service record. Allowed values are 0-65535. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Weight",
"type": "integer"
}
},
"title": "DnsSrvRdata",
"type": "object"
}
ALBDnsTransportProtocol (type)
{
"description": "Valid ENUM values for ALBDnsTransportProtocol",
"enum": [
"DNS_OVER_UDP",
"DNS_OVER_TCP"
],
"id": "ALBDnsTransportProtocol",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "DnsTransportProtocol type",
"type": "string"
}
ALBDnsTransportProtocolMatch (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DnsTransportProtocolMatch object",
"id": "ALBDnsTransportProtocolMatch",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"match_criteria": {
"$ref": "ALBMatchOperation,
"description": "Criterion to use for matching the DNS transport protocol. Enum options - IS_IN, IS_NOT_IN.",
"required": true,
"title": "Match criteria"
},
"protocol": {
"$ref": "ALBDnsTransportProtocol,
"description": "Protocol to match against transport protocol used by DNS query. Enum options - DNS_OVER_UDP, DNS_OVER_TCP.",
"required": true,
"title": "Protocol"
}
},
"title": "DnsTransportProtocolMatch",
"type": "object"
}
ALBDnsTxtRdata (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DnsTxtRdata object",
"id": "ALBDnsTxtRdata",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"text_str": {
"description": "Text data associated with the FQDN.",
"required": true,
"title": "Text str",
"type": "string"
}
},
"title": "DnsTxtRdata",
"type": "object"
}
ALBDnsZone (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DnsZone object",
"id": "ALBDnsZone",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"admin_email": {
"description": "Email address of the administrator responsible for this zone. This field is used in SOA records as rname (RFC 1035). If not configured, it is inherited from the DNS service profile.",
"required": false,
"title": "Admin email",
"type": "string"
},
"domain_name": {
"description": "Domain name authoritatively serviced by this Virtual Service. Queries for FQDNs that are sub domains of this domain and do not have any DNS record in Avi are dropped or NXDomain response sent. For domains which are present, SOA parameters are sent in answer section of response if query type is SOA.",
"required": true,
"title": "Domain name",
"type": "string"
},
"name_server": {
"description": "The primary name server for this zone. This field is used in SOA records as mname (RFC 1035). If not configured, it is inherited from the DNS service profile. If even that is not configured, the domain name is used instead.",
"required": false,
"title": "Name server",
"type": "string"
}
},
"title": "DnsZone",
"type": "object"
}
ALBDosRateLimitProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DosRateLimitProfile object",
"id": "ALBDosRateLimitProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"dos_profile": {
"$ref": "ALBDosThresholdProfile,
"description": "Profile for DoS attack detection.",
"required": false,
"title": "Dos profile"
},
"rl_profile": {
"$ref": "ALBRateLimiterProfile,
"description": "Profile for Connections/Requests rate limiting.",
"required": false,
"title": "Rl profile"
}
},
"title": "DosRateLimitProfile",
"type": "object"
}
ALBDosThreshold (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DosThreshold object",
"id": "ALBDosThreshold",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"attack": {
"$ref": "ALBAttackType,
"description": "Attack type. Enum options - LAND, SMURF, ICMP_PING_FLOOD, UNKOWN_PROTOCOL, TEARDROP, IP_FRAG_OVERRUN, IP_FRAG_TOOSMALL, IP_FRAG_FULL, IP_FRAG_INCOMPLETE, PORT_SCAN, TCP_NON_SYN_FLOOD_OLD, SYN_FLOOD, BAD_RST_FLOOD, MALFORMED_FLOOD, FAKE_SESSION, ZERO_WINDOW_STRESS, SMALL_WINDOW_STRESS, DOS_HTTP_TIMEOUT, DOS_HTTP_ERROR, DOS_HTTP_ABORT...",
"required": true,
"title": "Attack"
},
"max_value": {
"description": "Maximum number of packets or connections or requests in a given interval of time to be deemed as attack.",
"required": true,
"title": "Max value",
"type": "integer"
},
"min_value": {
"description": "Minimum number of packets or connections or requests in a given interval of time to be deemed as attack.",
"required": true,
"title": "Min value",
"type": "integer"
}
},
"title": "DosThreshold",
"type": "object"
}
ALBDosThresholdProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DosThresholdProfile object",
"id": "ALBDosThresholdProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"thresh_info": {
"description": "Attack type, min and max values for DoS attack detection.",
"items": {
"$ref": "ALBDosThreshold
},
"required": false,
"title": "Thresh info",
"type": "array"
},
"thresh_period": {
"default": 5,
"description": "Timer value in seconds to collect DoS attack metrics based on threshold on the Service Engine for this Virtual Service. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 5.",
"required": true,
"title": "Thresh period",
"type": "integer"
}
},
"title": "DosThresholdProfile",
"type": "object"
}
ALBDsrProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer DsrProfile object",
"id": "ALBDsrProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"dsr_encap_type": {
"$ref": "ALBEncapType,
"default": "ENCAP_IPINIP",
"description": "Encapsulation type to use when DSR is L3. Enum options - ENCAP_IPINIP. Default value when not specified in API or module is interpreted by ALB Controller as ENCAP_IPINIP.",
"required": false,
"title": "Dsr encap type"
},
"dsr_type": {
"$ref": "ALBDsrType,
"default": "DSR_TYPE_L3",
"description": "DSR type L2/L3. Enum options - DSR_TYPE_L2, DSR_TYPE_L3. Default value when not specified in API or module is interpreted by ALB Controller as DSR_TYPE_L3.",
"required": false,
"title": "Dsr type"
}
},
"title": "DsrProfile",
"type": "object"
}
ALBDsrType (type)
{
"description": "Valid ENUM values for ALBDsrType",
"enum": [
"DSR_TYPE_L2",
"DSR_TYPE_L3"
],
"id": "ALBDsrType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "DsrType type",
"type": "string"
}
ALBEncapType (type)
{
"description": "Valid ENUM values for ALBEncapType",
"enum": [
"ENCAP_IPINIP"
],
"id": "ALBEncapType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "EncapType type",
"type": "string"
}
ALBEquivalentLabels (type)
{
"additionalProperties": false,
"description": "Advanced load balancer EquivalentLabels object",
"id": "ALBEquivalentLabels",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"labels": {
"description": "Equivalent labels.",
"items": {
"type": "string"
},
"required": false,
"title": "Labels",
"type": "array"
}
},
"title": "EquivalentLabels",
"type": "object"
}
ALBErrorPage (type)
{
"additionalProperties": false,
"description": "Advanced load balancer ErrorPage object",
"id": "ALBErrorPage",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"enable": {
"default": true,
"description": "Enable or disable the error page. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Enable",
"type": "boolean"
},
"error_page_body_path": {
"description": "Custom error page body used to sent to the client. It is a reference to an object of type ErrorPageBody.",
"required": false,
"title": "Error page body path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBErrorPageProfile"
],
"relationshipType": "ALB_ERRORPAGEPROFILE_ALB_ERRORPAGEBODY_RELATIONSHIP",
"rightType": [
"ALBErrorPageBody"
]
}
]
},
"error_redirect": {
"description": "Redirect sent to client when match.",
"required": false,
"title": "Error redirect",
"type": "string"
},
"index": {
"description": "Index of the error page.",
"required": false,
"title": "Index",
"type": "integer"
},
"match": {
"$ref": "ALBHTTPStatusMatch,
"description": "Add match criteria for http status codes to the error page. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Match"
}
},
"title": "ErrorPage",
"type": "object"
}
ALBErrorPageBody (type)
{
"additionalProperties": false,
"description": "Advanced load balancer ErrorPageBody object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBErrorPageBody",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"error_page_body": {
"description": "Error page body sent to client when match.",
"required": false,
"title": "Error page body",
"type": "string"
},
"format": {
"$ref": "ALBErrorPageFormat,
"default": "ERROR_PAGE_FORMAT_HTML",
"description": "Format of an error page body HTML or JSON. Enum options - ERROR_PAGE_FORMAT_HTML, ERROR_PAGE_FORMAT_JSON. Default value when not specified in API or module is interpreted by ALB Controller as ERROR_PAGE_FORMAT_HTML.",
"required": false,
"title": "Format"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "ErrorPageBody",
"type": "object"
}
ALBErrorPageBodyApiResponse (type)
{
"additionalProperties": false,
"description": "ErrorPageBodyApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBErrorPageBodyApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of ErrorPageBody",
"items": {
"$ref": "ALBErrorPageBody
},
"required": false,
"title": "Array of ErrorPageBody",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "ErrorPageBodyApiResponse",
"type": "object"
}
ALBErrorPageFormat (type)
{
"description": "Valid ENUM values for ALBErrorPageFormat",
"enum": [
"ERROR_PAGE_FORMAT_HTML",
"ERROR_PAGE_FORMAT_JSON"
],
"id": "ALBErrorPageFormat",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "ErrorPageFormat type",
"type": "string"
}
ALBErrorPageProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer ErrorPageProfile object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBErrorPageProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"error_pages": {
"description": "Defined Error Pages for HTTP status codes.",
"items": {
"$ref": "ALBErrorPage
},
"required": false,
"title": "Error pages",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "ErrorPageProfile",
"type": "object"
}
ALBErrorPageProfileApiResponse (type)
{
"additionalProperties": false,
"description": "ErrorPageProfileApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBErrorPageProfileApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of ErrorPageProfile",
"items": {
"$ref": "ALBErrorPageProfile
},
"required": false,
"title": "Array of ErrorPageProfile",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "ErrorPageProfileApiResponse",
"type": "object"
}
ALBFailAction (type)
{
"additionalProperties": false,
"description": "Advanced load balancer FailAction object",
"id": "ALBFailAction",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"local_rsp": {
"$ref": "ALBFailActionHTTPLocalResponse,
"description": "Local response to HTTP requests when pool experiences a failure.",
"required": false,
"title": "Local rsp"
},
"redirect": {
"$ref": "ALBFailActionHTTPRedirect,
"description": "URL to redirect HTTP requests to when pool experiences a failure.",
"required": false,
"title": "Redirect"
},
"type": {
"$ref": "ALBFailActionEnum,
"default": "FAIL_ACTION_CLOSE_CONN",
"description": "Enables a response to client when pool experiences a failure. By default TCP connection is closed. Enum options - FAIL_ACTION_HTTP_REDIRECT, FAIL_ACTION_HTTP_LOCAL_RSP, FAIL_ACTION_CLOSE_CONN. Allowed in Basic(Allowed values- FAIL_ACTION_CLOSE_CONN,FAIL_ACTION_HTTP_REDIRECT) edition, Essentials(Allowed values- FAIL_ACTION_CLOSE_CONN) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as FAIL_ACTION_CLOSE_CONN.",
"required": true,
"title": "Type"
}
},
"title": "FailAction",
"type": "object"
}
ALBFailActionEnum (type)
{
"description": "Valid ENUM values for ALBFailActionEnum",
"enum": [
"FAIL_ACTION_HTTP_REDIRECT",
"FAIL_ACTION_HTTP_LOCAL_RSP",
"FAIL_ACTION_CLOSE_CONN"
],
"id": "ALBFailActionEnum",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "FailActionEnum type",
"type": "string"
}
ALBFailActionHTTPLocalResponse (type)
{
"additionalProperties": false,
"description": "Advanced load balancer FailActionHTTPLocalResponse object",
"id": "ALBFailActionHTTPLocalResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"file": {
"$ref": "ALBHTTPLocalFile,
"description": "Placeholder for description of property file of obj type FailActionHTTPLocalResponse field type str type ref.",
"required": false,
"title": "File"
},
"status_code": {
"$ref": "ALBFailHttpStatusCode,
"default": "FAIL_HTTP_STATUS_CODE_503",
"description": "Enum options - FAIL_HTTP_STATUS_CODE_200, FAIL_HTTP_STATUS_CODE_503. Default value when not specified in API or module is interpreted by ALB Controller as FAIL_HTTP_STATUS_CODE_503.",
"required": false,
"title": "Status code"
}
},
"title": "FailActionHTTPLocalResponse",
"type": "object"
}
ALBFailActionHTTPRedirect (type)
{
"additionalProperties": false,
"description": "Advanced load balancer FailActionHTTPRedirect object",
"id": "ALBFailActionHTTPRedirect",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"host": {
"description": "host of FailActionHTTPRedirect.",
"required": true,
"title": "Host",
"type": "string"
},
"path": {
"description": "path of FailActionHTTPRedirect.",
"required": false,
"title": "Path",
"type": "string"
},
"protocol": {
"$ref": "ALBHTTPProtocol,
"default": "HTTP",
"description": "Enum options - HTTP, HTTPS. Allowed in Basic(Allowed values- HTTP) edition, Enterprise edition. Special default for Basic edition is HTTP, Enterprise is HTTPS. Default value when not specified in API or module is interpreted by ALB Controller as HTTP.",
"required": false,
"title": "Protocol"
},
"query": {
"description": "query of FailActionHTTPRedirect.",
"required": false,
"title": "Query",
"type": "string"
},
"status_code": {
"$ref": "ALBHTTPRedirectStatusCode,
"default": "HTTP_REDIRECT_STATUS_CODE_302",
"description": "Enum options - HTTP_REDIRECT_STATUS_CODE_301, HTTP_REDIRECT_STATUS_CODE_302, HTTP_REDIRECT_STATUS_CODE_307. Allowed in Basic(Allowed values- HTTP_REDIRECT_STATUS_CODE_302) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as HTTP_REDIRECT_STATUS_CODE_302.",
"required": false,
"title": "Status code"
}
},
"title": "FailActionHTTPRedirect",
"type": "object"
}
ALBFailHttpStatusCode (type)
{
"description": "Valid ENUM values for ALBFailHttpStatusCode",
"enum": [
"FAIL_HTTP_STATUS_CODE_200",
"FAIL_HTTP_STATUS_CODE_503"
],
"id": "ALBFailHttpStatusCode",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "FailHttpStatusCode type",
"type": "string"
}
ALBFlowLabelType (type)
{
"description": "Valid ENUM values for ALBFlowLabelType",
"enum": [
"NO_LABEL",
"APPLICATION_LABEL",
"SERVICE_LABEL"
],
"id": "ALBFlowLabelType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "FlowLabelType type",
"type": "string"
}
ALBFullClientLogs (type)
{
"additionalProperties": false,
"description": "Advanced load balancer FullClientLogs object",
"id": "ALBFullClientLogs",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"duration": {
"default": 30,
"description": "How long should the system capture all logs, measured in minutes. Set to 0 for infinite. Special values are 0 - 'infinite'. Unit is MIN. Default value when not specified in API or module is interpreted by ALB Controller as 30.",
"required": false,
"title": "Duration",
"type": "integer"
},
"enabled": {
"default": false,
"description": "Capture all client logs including connections and requests. When deactivated, only errors will be logged. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Special default for Basic edition is false, Essentials edition is false, Enterprise is False. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": true,
"title": "Enabled",
"type": "boolean"
},
"throttle": {
"default": 10,
"description": "This setting limits the number of non-significant logs generated per second for this VS on each SE. Default is 10 logs per second. Set it to zero (0) to deactivate throttling. Unit is PER_SECOND. Default value when not specified in API or module is interpreted by ALB Controller as 10.",
"required": false,
"title": "Throttle",
"type": "integer"
}
},
"title": "FullClientLogs",
"type": "object"
}
ALBGeoLocation (type)
{
"additionalProperties": false,
"description": "Advanced load balancer GeoLocation object",
"id": "ALBGeoLocation",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"latitude": {
"description": "Latitude of the location. This is represented as degrees.minutes. The range is from -90.0 (south) to +90.0 (north). Allowed values are -90.0-+90.0.",
"required": false,
"title": "Latitude",
"type": "number"
},
"longitude": {
"description": "Longitude of the location. This is represented as degrees.minutes. The range is from -180.0 (west) to +180.0 (east). Allowed values are -180.0-+180.0.",
"required": false,
"title": "Longitude",
"type": "number"
},
"name": {
"description": "Location name in the format Country/State/City.",
"required": false,
"title": "Name",
"type": "string"
},
"tag": {
"description": "Location tag string - example USEast.",
"required": false,
"title": "Tag",
"type": "string"
}
},
"title": "GeoLocation",
"type": "object"
}
ALBHSMAwsCloudHsm (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HSMAwsCloudHsm object",
"id": "ALBHSMAwsCloudHsm",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"client_config": {
"description": "client_config of HSMAwsCloudHsm.",
"required": false,
"title": "Client config",
"type": "string"
},
"cluster_cert": {
"description": "AWS CloudHSM Cluster Certificate.",
"required": false,
"title": "Cluster cert",
"type": "string"
},
"crypto_user_name": {
"description": "Username of the Crypto User. This will be used to access the keys on the HSM .",
"required": false,
"title": "Crypto user name",
"type": "string"
},
"crypto_user_password": {
"description": "Password of the Crypto User. This will be used to access the keys on the HSM .",
"required": false,
"sensitive": true,
"title": "Crypto user password",
"type": "string"
},
"hsm_ip": {
"description": "IP address of the HSM in the cluster. If there are more than one HSMs, only one is sufficient.",
"items": {
"type": "string"
},
"required": false,
"title": "Hsm ip",
"type": "array"
},
"mgmt_config": {
"description": "mgmt_config of HSMAwsCloudHsm.",
"required": false,
"title": "Mgmt config",
"type": "string"
}
},
"title": "HSMAwsCloudHsm",
"type": "object"
}
ALBHSMSafenetClientInfo (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HSMSafenetClientInfo object",
"id": "ALBHSMSafenetClientInfo",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"chrystoki_conf": {
"description": "Generated File - Chrystoki.conf .",
"required": false,
"title": "Chrystoki conf",
"type": "string"
},
"client_cert": {
"description": "Client Certificate generated by createCert.",
"required": false,
"title": "Client cert",
"type": "string"
},
"client_ip": {
"description": "Name prepended to client key and certificate filename.",
"required": true,
"title": "Client ip",
"type": "string"
},
"client_priv_key": {
"description": "Client Private Key generated by createCert.",
"required": false,
"sensitive": true,
"title": "Client priv key",
"type": "string"
},
"session_major_number": {
"description": "Major number of the sesseion.",
"required": false,
"title": "Session major number",
"type": "integer"
},
"session_minor_number": {
"description": "Minor number of the sesseion.",
"required": false,
"title": "Session minor number",
"type": "integer"
}
},
"title": "HSMSafenetClientInfo",
"type": "object"
}
ALBHSMSafenetLuna (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HSMSafenetLuna object",
"id": "ALBHSMSafenetLuna",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"ha_group_num": {
"description": "Group Number of generated HA Group.",
"required": false,
"title": "Ha group num",
"type": "integer"
},
"is_ha": {
"default": false,
"description": "Set to indicate HA across more than one servers. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": true,
"title": "Is ha",
"type": "boolean"
},
"node_info": {
"description": "Node specific information.",
"items": {
"$ref": "ALBHSMSafenetClientInfo
},
"required": false,
"title": "Node info",
"type": "array"
},
"server": {
"description": "SafeNet/Gemalto HSM Servers used for crypto operations.",
"items": {
"$ref": "ALBHSMSafenetLunaServer
},
"required": false,
"title": "Server",
"type": "array"
},
"server_pem": {
"description": "Generated File - server.pem.",
"required": false,
"title": "Server pem",
"type": "string"
},
"use_dedicated_network": {
"default": false,
"description": "If enabled, dedicated network is used to communicate with HSM,else, the management network is used. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Use dedicated network",
"type": "boolean"
}
},
"title": "HSMSafenetLuna",
"type": "object"
}
ALBHSMSafenetLunaServer (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HSMSafenetLunaServer object",
"id": "ALBHSMSafenetLunaServer",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"index": {
"description": "Number of index.",
"required": true,
"title": "Index",
"type": "integer"
},
"partition_passwd": {
"description": "Password of the partition assigned to this client.",
"required": false,
"sensitive": true,
"title": "Partition passwd",
"type": "string"
},
"partition_serial_number": {
"description": "Serial number of the partition assigned to this client.",
"required": false,
"title": "Partition serial number",
"type": "string"
},
"remote_ip": {
"description": "IP address of the Safenet/Gemalto HSM device.",
"required": true,
"title": "Remote ip",
"type": "string"
},
"server_cert": {
"description": "CA certificate of the server.",
"required": true,
"title": "Server cert",
"type": "string"
}
},
"title": "HSMSafenetLunaServer",
"type": "object"
}
ALBHSMThalesNetHsm (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HSMThalesNetHsm object",
"id": "ALBHSMThalesNetHsm",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"esn": {
"description": "Electronic serial number of the netHSM device. Use Thales anonkneti utility to find the netHSM ESN.",
"required": true,
"title": "Esn",
"type": "string"
},
"keyhash": {
"description": "Hash of the key that netHSM device uses to authenticate itself. Use Thales anonkneti utility to find the netHSM keyhash.",
"required": true,
"title": "Keyhash",
"type": "string"
},
"module_id": {
"default": 0,
"description": "Local module id of the netHSM device. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"required": false,
"title": "Module id",
"type": "integer"
},
"priority": {
"default": 100,
"description": "Priority class of the nethsm in an high availability setup. 1 is the highest priority and 100 is the lowest priority. Allowed values are 1-100. Default value when not specified in API or module is interpreted by ALB Controller as 100.",
"maximum": 100,
"minimum": 1,
"required": true,
"title": "Priority",
"type": "integer"
},
"remote_ip": {
"$ref": "ALBIpAddr,
"description": "IP address of the netHSM device.",
"required": true,
"title": "Remote ip"
},
"remote_port": {
"default": 9004,
"description": "Port at which the netHSM device accepts the connection. Allowed values are 1-65535. Default value when not specified in API or module is interpreted by ALB Controller as 9004.",
"maximum": 65535,
"minimum": 1,
"required": false,
"title": "Remote port",
"type": "integer"
}
},
"title": "HSMThalesNetHsm",
"type": "object"
}
ALBHSMThalesRFS (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HSMThalesRFS object",
"id": "ALBHSMThalesRFS",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"ip": {
"$ref": "ALBIpAddr,
"description": "IP address of the RFS server from where to sync the Thales encrypted private key.",
"required": true,
"title": "Ip"
},
"port": {
"default": 9004,
"description": "Port at which the RFS server accepts the sync request from clients for Thales encrypted private key. Allowed values are 1-65535. Default value when not specified in API or module is interpreted by ALB Controller as 9004.",
"maximum": 65535,
"minimum": 1,
"required": false,
"title": "Port",
"type": "integer"
}
},
"title": "HSMThalesRFS",
"type": "object"
}
ALBHSMType (type)
{
"description": "Valid ENUM values for ALBHSMType",
"enum": [
"HSM_TYPE_THALES_NETHSM",
"HSM_TYPE_SAFENET_LUNA",
"HSM_TYPE_AWS_CLOUDHSM"
],
"id": "ALBHSMType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "HSMType type",
"type": "string"
}
ALBHTTP2ApplicationProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HTTP2ApplicationProfile object",
"id": "ALBHTTP2ApplicationProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"http2_initial_window_size": {
"default": 64,
"description": "The initial flow control window size in KB for HTTP/2 streams. Allowed values are 64-32768. Unit is KB. Default value when not specified in API or module is interpreted by ALB Controller as 64.",
"maximum": 32768,
"minimum": 64,
"required": false,
"title": "Http2 initial window size",
"type": "integer"
},
"max_http2_concurrent_streams_per_connection": {
"default": 128,
"description": "The max number of concurrent streams over a client side HTTP/2 connection. Allowed values are 1-256. Default value when not specified in API or module is interpreted by ALB Controller as 128.",
"maximum": 256,
"minimum": 1,
"required": false,
"title": "Max http2 concurrent streams per connection",
"type": "integer"
},
"max_http2_control_frames_per_connection": {
"default": 1000,
"description": "The max number of control frames that client can send over an HTTP/2 connection. '0' means unlimited. Allowed values are 0-10000. Special values are 0- 'Unlimited control frames on a client side HTTP/2 connection'. Default value when not specified in API or module is interpreted by ALB Controller as 1000.",
"maximum": 10000,
"minimum": 0,
"required": false,
"title": "Max http2 control frames per connection",
"type": "integer"
},
"max_http2_empty_data_frames_per_connection": {
"default": 1000,
"description": "The max number of empty data frames that client can send over an HTTP/2 connection. '0' means unlimited. Allowed values are 0-10000. Special values are 0- 'Unlimited empty data frames over a client side HTTP/2 connection'. Default value when not specified in API or module is interpreted by ALB Controller as 1000.",
"maximum": 10000,
"minimum": 0,
"required": false,
"title": "Max http2 empty data frames per connection",
"type": "integer"
},
"max_http2_header_field_size": {
"default": 4096,
"description": "The maximum size in bytes of the compressed request header field. The limit applies equally to both name and value. Allowed values are 1-8192. Unit is BYTES. Default value when not specified in API or module is interpreted by ALB Controller as 4096.",
"maximum": 8192,
"minimum": 1,
"required": false,
"title": "Max http2 header field size",
"type": "integer"
},
"max_http2_queued_frames_to_client_per_connection": {
"default": 1000,
"description": "The max number of frames that can be queued waiting to be sent over a client side HTTP/2 connection at any given time. '0' means unlimited. Allowed values are 0-10000. Special values are 0- 'Unlimited frames can be queued on a client side HTTP/2 connection'. Default value when not specified in API or module is interpreted by ALB Controller as 1000.",
"maximum": 10000,
"minimum": 0,
"required": false,
"title": "Max http2 queued frames to client per connection",
"type": "integer"
},
"max_http2_requests_per_connection": {
"default": 1000,
"description": "The maximum number of requests over a client side HTTP/2 connection. Allowed values are 0-10000. Special values are 0- 'Unlimited requests on a client side HTTP/2 connection'. Default value when not specified in API or module is interpreted by ALB Controller as 1000.",
"maximum": 10000,
"minimum": 0,
"required": false,
"title": "Max http2 requests per connection",
"type": "integer"
}
},
"title": "HTTP2ApplicationProfile",
"type": "object"
}
ALBHTTPApplicationProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HTTPApplicationProfile object",
"id": "ALBHTTPApplicationProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"allow_dots_in_header_name": {
"default": false,
"description": "Allow use of dot (.) in HTTP header names, for instance Header.app.special PickAppVersionX. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Allow dots in header name",
"type": "boolean"
},
"cache_config": {
"$ref": "ALBHttpCacheConfig,
"description": "HTTP Caching config to use with this HTTP Profile.",
"required": false,
"title": "Cache config"
},
"client_body_timeout": {
"default": 30000,
"description": "The maximum length of time allowed between consecutive read operations for a client request body. The value '0' specifies no timeout. This setting generally impacts the length of time allowed for a client to send a POST. Allowed values are 0-100000000. Unit is MILLISECONDS. Allowed in Basic(Allowed values- 30000) edition, Essentials(Allowed values- 30000) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 30000.",
"maximum": 100000000,
"minimum": 0,
"required": false,
"title": "Client body timeout",
"type": "integer"
},
"client_header_timeout": {
"default": 10000,
"description": "The maximum length of time allowed for a client to transmit an entire request header. This helps mitigate various forms of SlowLoris attacks. Allowed values are 10-100000000. Unit is MILLISECONDS. Allowed in Basic(Allowed values- 10000) edition, Essentials(Allowed values- 10000) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 10000.",
"maximum": 100000000,
"minimum": 10,
"required": false,
"title": "Client header timeout",
"type": "integer"
},
"client_max_body_size": {
"default": 0,
"description": "Maximum size for the client request body. This limits the size of the client data that can be uploaded/posted as part of a single HTTP Request. Default 0 => Unlimited. Unit is KB. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"required": false,
"title": "Client max body size",
"type": "integer"
},
"client_max_header_size": {
"default": 12,
"description": "Maximum size in Kbytes of a single HTTP header in the client request. Allowed values are 1-64. Unit is KB. Allowed in Basic(Allowed values- 12) edition, Essentials(Allowed values- 12) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 12.",
"maximum": 64,
"minimum": 1,
"required": false,
"title": "Client max header size",
"type": "integer"
},
"client_max_request_size": {
"default": 48,
"description": "Maximum size in Kbytes of all the client HTTP request headers. Allowed values are 1-256. Unit is KB. Default value when not specified in API or module is interpreted by ALB Controller as 48.",
"maximum": 256,
"minimum": 1,
"required": false,
"title": "Client max request size",
"type": "integer"
},
"compression_profile": {
"$ref": "ALBCompressionProfile,
"description": "HTTP Compression settings to use with this HTTP Profile.",
"required": false,
"title": "Compression profile"
},
"connection_multiplexing_enabled": {
"default": true,
"description": "Allows HTTP requests, not just TCP connections, to be load balanced across servers. Proxied TCP connections to servers may be reused by multiple clients to improve performance. Not compatible with Preserve Client IP. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Connection multiplexing enabled",
"type": "boolean"
},
"disable_keepalive_posts_msie6": {
"default": true,
"description": "Disable keep-alive client side connections for older browsers based off MS Internet Explorer 6.0 (MSIE6). For some applications, this might break NTLM authentication for older clients based off MSIE6. For such applications, set this option to false to allow keep-alive connections. Allowed in Basic(Allowed values- true) edition, Essentials(Allowed values- true) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Disable keepalive posts msie6",
"type": "boolean"
},
"disable_sni_hostname_check": {
"default": false,
"description": "Disable strict check between TLS servername and HTTP Host name. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Disable sni hostname check",
"type": "boolean"
},
"enable_chunk_merge": {
"default": true,
"description": "Enable chunk body merge for chunked transfer encoding response. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Enable chunk merge",
"type": "boolean"
},
"enable_fire_and_forget": {
"default": false,
"description": "Enable support for fire and forget feature. If enabled, request from client is forwarded to server even if client prematurely closes the connection. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Enable fire and forget",
"type": "boolean"
},
"enable_request_body_buffering": {
"default": false,
"description": "Enable request body buffering for POST requests. If enabled, max buffer size is set to lower of 32M or the value (non-zero) configured in client_max_body_size. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Enable request body buffering",
"type": "boolean"
},
"enable_request_body_metrics": {
"default": false,
"description": "Enable HTTP request body metrics. If enabled, requests from clients are parsed and relevant statistics about them are gathered. Currently, it processes HTTP POST requests with Content-Type application/x-www-form-urlencoded or multipart/form-data, and adds the number of detected parameters to the l7_client.http_params_count. This is an experimental feature and it may have performance impact. Use it when detailed information about the number of HTTP POST parameters is needed, e.g. for WAF sizing. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Enable request body metrics",
"type": "boolean"
},
"fwd_close_hdr_for_bound_connections": {
"default": true,
"description": "Forward the Connection Close header coming from backend server to the client if connection-switching is enabled, i.e. front-end and backend connections are bound together. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Fwd close hdr for bound connections",
"type": "boolean"
},
"hsts_enabled": {
"default": false,
"description": "Inserts HTTP Strict-Transport-Security header in the HTTPS response. HSTS can help mitigate man-in-the-middle attacks by telling browsers that support HSTS that they should only access this site via HTTPS. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Hsts enabled",
"type": "boolean"
},
"hsts_max_age": {
"default": 365,
"description": "Number of days for which the client should regard this virtual service as a known HSTS host. Allowed values are 0-10000. Allowed in Basic(Allowed values- 365) edition, Essentials(Allowed values- 365) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 365.",
"maximum": 10000,
"minimum": 0,
"required": false,
"title": "Hsts max age",
"type": "integer"
},
"hsts_subdomains_enabled": {
"default": false,
"description": "Insert the 'includeSubdomains' directive in the HTTP Strict-Transport-Security header. Adding the includeSubdomains directive signals the User-Agent that the HSTS Policy applies to this HSTS Host as well as any subdomains of the host's domain name. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Special default for Basic edition is false, Essentials edition is false, Enterprise is True. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Hsts subdomains enabled",
"type": "boolean"
},
"http2_profile": {
"$ref": "ALBHTTP2ApplicationProfile,
"description": "Specifies the HTTP/2 specific application profile parameters. Allowed in Essentials edition, Enterprise edition.",
"required": false,
"title": "Http2 profile"
},
"http_to_https": {
"default": false,
"description": "Client requests received via HTTP will be redirected to HTTPS. Allowed in Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Http to https",
"type": "boolean"
},
"http_upstream_buffer_size": {
"default": 0,
"description": "Size of HTTP buffer in kB. Allowed values are 1-256. Special values are 0- 'Auto compute the size of buffer'. Unit is KB. Allowed in Basic(Allowed values- 0) edition, Essentials(Allowed values- 0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"maximum": 256,
"minimum": 0,
"required": false,
"title": "Http upstream buffer size",
"type": "integer"
},
"httponly_enabled": {
"default": false,
"description": "Mark HTTP cookies as HTTPonly. This helps mitigate cross site scripting attacks as browsers will not allow these cookies to be read by third parties, such as javascript. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Httponly enabled",
"type": "boolean"
},
"keepalive_header": {
"default": false,
"description": "Send HTTP 'Keep-Alive' header to the client. By default, the timeout specified in the 'Keep-Alive Timeout' field will be used unless the 'Use App Keepalive Timeout' flag is set, in which case the timeout sent by the application will be honored. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Keepalive header",
"type": "boolean"
},
"keepalive_timeout": {
"default": 30000,
"description": "The max idle time allowed between HTTP requests over a Keep-alive connection. Allowed values are 10-100000000. Unit is MILLISECONDS. Allowed in Essentials(Allowed values- 30000) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 30000.",
"maximum": 100000000,
"minimum": 10,
"required": false,
"title": "Keepalive timeout",
"type": "integer"
},
"max_bad_rps_cip": {
"default": 0,
"description": "Maximum bad requests per second per client IP. Allowed values are 10-1000. Special values are 0- 'unlimited'. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"maximum": 1000,
"minimum": 0,
"required": false,
"title": "Max bad rps cip",
"type": "integer"
},
"max_bad_rps_cip_uri": {
"default": 0,
"description": "Maximum bad requests per second per client IP and URI. Allowed values are 10-1000. Special values are 0- 'unlimited'. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"maximum": 1000,
"minimum": 0,
"required": false,
"title": "Max bad rps cip uri",
"type": "integer"
},
"max_bad_rps_uri": {
"default": 0,
"description": "Maximum bad requests per second per URI. Allowed values are 10-1000. Special values are 0- 'unlimited'. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"maximum": 1000,
"minimum": 0,
"required": false,
"title": "Max bad rps uri",
"type": "integer"
},
"max_keepalive_requests": {
"default": 100,
"description": "The max number of HTTP requests that can be sent over a Keep-Alive connection. '0' means unlimited. Allowed values are 0-1000000. Special values are 0- 'Unlimited requests on a connection'. Allowed in Basic(Allowed values- 100) edition, Essentials(Allowed values- 100) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 100.",
"maximum": 1000000,
"minimum": 0,
"required": false,
"title": "Max keepalive requests",
"type": "integer"
},
"max_response_headers_size": {
"default": 48,
"description": "Maximum size in Kbytes of all the HTTP response headers. Allowed values are 1-256. Unit is KB. Allowed in Basic(Allowed values- 48) edition, Essentials(Allowed values- 48) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 48.",
"maximum": 256,
"minimum": 1,
"required": false,
"title": "Max response headers size",
"type": "integer"
},
"max_rps_cip": {
"default": 0,
"description": "Maximum requests per second per client IP. Allowed values are 10-1000. Special values are 0- 'unlimited'. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"maximum": 1000,
"minimum": 0,
"required": false,
"title": "Max rps cip",
"type": "integer"
},
"max_rps_cip_uri": {
"default": 0,
"description": "Maximum requests per second per client IP and URI. Allowed values are 10-1000. Special values are 0- 'unlimited'. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"maximum": 1000,
"minimum": 0,
"required": false,
"title": "Max rps cip uri",
"type": "integer"
},
"max_rps_unknown_cip": {
"default": 0,
"description": "Maximum unknown client IPs per second. Allowed values are 10-1000. Special values are 0- 'unlimited'. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"maximum": 1000,
"minimum": 0,
"required": false,
"title": "Max rps unknown cip",
"type": "integer"
},
"max_rps_unknown_uri": {
"default": 0,
"description": "Maximum unknown URIs per second. Allowed values are 10-1000. Special values are 0- 'unlimited'. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"maximum": 1000,
"minimum": 0,
"required": false,
"title": "Max rps unknown uri",
"type": "integer"
},
"max_rps_uri": {
"default": 0,
"description": "Maximum requests per second per URI. Allowed values are 10-1000. Special values are 0- 'unlimited'. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"maximum": 1000,
"minimum": 0,
"required": false,
"title": "Max rps uri",
"type": "integer"
},
"pki_profile_path": {
"description": "Select the PKI profile to be associated with the Virtual Service. This profile defines the Certificate Authority and Revocation List. It is a reference to an object of type PKIProfile.",
"required": false,
"title": "Pki profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBApplicationProfile"
],
"relationshipType": "ALB_APPLICATIONPROFILE_ALB_PKIPROFILE_RELATIONSHIP",
"rightType": [
"ALBPKIProfile"
]
}
]
},
"post_accept_timeout": {
"default": 30000,
"description": "The max allowed length of time between a client establishing a TCP connection and Avi receives the first byte of the client's HTTP request. Allowed values are 10-100000000. Unit is MILLISECONDS. Allowed in Basic(Allowed values- 30000) edition, Essentials(Allowed values- 30000) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 30000.",
"maximum": 100000000,
"minimum": 10,
"required": false,
"title": "Post accept timeout",
"type": "integer"
},
"reset_conn_http_on_ssl_port": {
"default": false,
"description": "If enabled, an HTTP request on an SSL port will result in connection close instead of a 400 response. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Reset conn http on ssl port",
"type": "boolean"
},
"respond_with_100_continue": {
"default": true,
"description": "Avi will respond with 100-Continue response if Expect 100-Continue header received from client. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Respond with 100 continue",
"type": "boolean"
},
"secure_cookie_enabled": {
"default": false,
"description": "Mark server cookies with the 'Secure' attribute. Client browsers will not send a cookie marked as secure over an unencrypted connection. If Avi is terminating SSL from clients and passing it as HTTP to the server, the server may return cookies without the secure flag set. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Secure cookie enabled",
"type": "boolean"
},
"server_side_redirect_to_https": {
"default": false,
"description": "When terminating client SSL sessions at Avi, servers may incorrectly send redirect to clients as HTTP. This option will rewrite the server's redirect responses for this virtual service from HTTP to HTTPS. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Server side redirect to https",
"type": "boolean"
},
"ssl_client_certificate_action": {
"$ref": "ALBSSLClientCertificateAction,
"description": "Set of match/action rules that govern what happens when the client certificate request is enabled.",
"required": false,
"title": "Ssl client certificate action"
},
"ssl_client_certificate_mode": {
"$ref": "ALBSSLClientCertificateMode,
"default": "SSL_CLIENT_CERTIFICATE_NONE",
"description": "Specifies whether the client side verification is set to none, request or require. Enum options - SSL_CLIENT_CERTIFICATE_NONE, SSL_CLIENT_CERTIFICATE_REQUEST, SSL_CLIENT_CERTIFICATE_REQUIRE. Allowed in Basic(Allowed values- SSL_CLIENT_CERTIFICATE_NONE,SSL_CLIENT_CERTIFICATE_REQUIRE) edition, Essentials(Allowed values- SSL_CLIENT_CERTIFICATE_NONE,SSL_CLIENT_CERTIFICATE_REQUIRE) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as SSL_CLIENT_CERTIFICATE_NONE.",
"required": false,
"title": "Ssl client certificate mode"
},
"use_app_keepalive_timeout": {
"default": false,
"description": "Use 'Keep-Alive' header timeout sent by application instead of sending the HTTP Keep-Alive Timeout. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Use app keepalive timeout",
"type": "boolean"
},
"websockets_enabled": {
"default": true,
"description": "Enable Websockets proxy for traffic from clients to the virtual service. Connections to this VS start in HTTP mode. If the client requests an Upgrade to Websockets, and the server responds back with success, then the connection is upgraded to WebSockets mode. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Websockets enabled",
"type": "boolean"
},
"x_forwarded_proto_enabled": {
"default": false,
"description": "Insert an X-Forwarded-Proto header in the request sent to the server. When the client connects via SSL, Avi terminates the SSL, and then forwards the requests to the servers via HTTP, so the servers can determine the original protocol via this header. In this example, the value will be 'https'. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "X forwarded proto enabled",
"type": "boolean"
},
"xff_alternate_name": {
"default": "X-Forwarded-For",
"description": "Provide a custom name for the X-Forwarded-For header sent to the servers. Default value when not specified in API or module is interpreted by ALB Controller as X-Forwarded-For.",
"required": false,
"title": "Xff alternate name",
"type": "string"
},
"xff_enabled": {
"default": true,
"description": "The client's original IP address is inserted into an HTTP request header sent to the server. Servers may use this address for logging or other purposes, rather than Avi's source NAT address used in the Avi to server IP connection. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Xff enabled",
"type": "boolean"
}
},
"title": "HTTPApplicationProfile",
"type": "object"
}
ALBHTTPClientAuthenticationParams (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HTTPClientAuthenticationParams object",
"id": "ALBHTTPClientAuthenticationParams",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"auth_profile_path": {
"description": "Auth Profile to use for validating users. It is a reference to an object of type AuthProfile.",
"required": false,
"title": "Auth profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBVirtualService"
],
"relationshipType": "ALB_VIRTUALSERVICE_ALB_AUTHPROFILE_RELATIONSHIP",
"rightType": [
"ALBAuthProfile"
]
}
]
},
"realm": {
"description": "Basic authentication realm to present to a user along with the prompt for credentials.",
"required": false,
"title": "Realm",
"type": "string"
},
"request_uri_path": {
"$ref": "ALBStringMatch,
"description": "Rrequest URI path when the authentication applies.",
"required": false,
"title": "Request uri path"
},
"type": {
"$ref": "ALBHTTPClientAuthenticationType,
"description": "type of client authentication. Enum options - HTTP_BASIC_AUTH.",
"required": false,
"title": "Type"
}
},
"title": "HTTPClientAuthenticationParams",
"type": "object"
}
ALBHTTPClientAuthenticationType (type)
{
"description": "Valid ENUM values for ALBHTTPClientAuthenticationType",
"enum": [
"HTTP_BASIC_AUTH"
],
"id": "ALBHTTPClientAuthenticationType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "HTTPClientAuthenticationType type",
"type": "string"
}
ALBHTTPCookieData (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HTTPCookieData object",
"id": "ALBHTTPCookieData",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"name": {
"description": "Cookie name.",
"required": false,
"title": "Name",
"type": "string"
},
"value": {
"description": "Cookie value.",
"required": false,
"title": "Value",
"type": "string"
}
},
"title": "HTTPCookieData",
"type": "object"
}
ALBHTTPHdrAction (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HTTPHdrAction object",
"id": "ALBHTTPHdrAction",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"action": {
"$ref": "ALBHTTPHdrActionType,
"description": "ADD A new header with the new value is added irrespective of the existence of an HTTP header of the given name. REPLACE A new header with the new value is added if no header of the given name exists, else existing headers with the given name are removed and a new header with the new value is added. REMOVE All the headers of the given name are removed. Enum options - HTTP_ADD_HDR, HTTP_REMOVE_HDR, HTTP_REPLACE_HDR. Allowed in Basic(Allowed values- HTTP_REMOVE_HDR,HTTP_REPLACE_HDR) edition, Essentials(Allowed values- HTTP_REMOVE_HDR,HTTP_REPLACE_HDR) edition, Enterprise edition.",
"required": true,
"title": "Action"
},
"cookie": {
"$ref": "ALBHTTPCookieData,
"description": "Cookie information.",
"required": false,
"title": "Cookie"
},
"hdr": {
"$ref": "ALBHTTPHdrData,
"description": "HTTP header information.",
"required": false,
"title": "Hdr"
}
},
"title": "HTTPHdrAction",
"type": "object"
}
ALBHTTPHdrActionType (type)
{
"description": "Valid ENUM values for ALBHTTPHdrActionType",
"enum": [
"HTTP_ADD_HDR",
"HTTP_REMOVE_HDR",
"HTTP_REPLACE_HDR"
],
"id": "ALBHTTPHdrActionType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "HTTPHdrActionType type",
"type": "string"
}
ALBHTTPHdrData (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HTTPHdrData object",
"id": "ALBHTTPHdrData",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"name": {
"description": "HTTP header name.",
"required": false,
"title": "Name",
"type": "string"
},
"value": {
"$ref": "ALBHTTPHdrValue,
"description": "HTTP header value.",
"required": false,
"title": "Value"
}
},
"title": "HTTPHdrData",
"type": "object"
}
ALBHTTPHdrValue (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HTTPHdrValue object",
"id": "ALBHTTPHdrValue",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"val": {
"description": "HTTP header value or variable representing an HTTP header.",
"required": false,
"title": "Val",
"type": "string"
},
"var": {
"$ref": "ALBHTTPPolicyVar,
"description": "Variable. Enum options - HTTP_POLICY_VAR_CLIENT_IP, HTTP_POLICY_VAR_VS_PORT, HTTP_POLICY_VAR_VS_IP, HTTP_POLICY_VAR_HTTP_HDR, HTTP_POLICY_VAR_SSL_CLIENT_FINGERPRINT, HTTP_POLICY_VAR_SSL_CLIENT_SERIAL, HTTP_POLICY_VAR_SSL_CLIENT_ISSUER, HTTP_POLICY_VAR_SSL_CLIENT_SUBJECT, HTTP_POLICY_VAR_SSL_CLIENT_RAW, HTTP_POLICY_VAR_SSL_PROTOCOL, HTTP_POLICY_VAR_SSL_SERVER_NAME, HTTP_POLICY_VAR_USER_NAME, HTTP_POLICY_VAR_SSL_CIPHER, HTTP_POLICY_VAR_REQUEST_ID, HTTP_POLICY_VAR_SSL_CLIENT_VERSION, HTTP_POLICY_VAR_SSL_CLIENT_SIGALG, HTTP_POLICY_VAR_SSL_CLIENT_NOTVALIDBEFORE, HTTP_POLICY_VAR_SSL_CLIENT_NOTVALIDAFTER.",
"required": false,
"title": "Var"
}
},
"title": "HTTPHdrValue",
"type": "object"
}
ALBHTTPLocalFile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HTTPLocalFile object",
"id": "ALBHTTPLocalFile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"content_type": {
"description": "Mime-type of the content in the file.",
"required": true,
"title": "Content type",
"type": "string"
},
"file_content": {
"description": "File content to used in the local HTTP response body.",
"required": true,
"title": "File content",
"type": "string"
}
},
"title": "HTTPLocalFile",
"type": "object"
}
ALBHTTPLocalResponseStatusCode (type)
{
"description": "Valid ENUM values for ALBHTTPLocalResponseStatusCode",
"enum": [
"HTTP_LOCAL_RESPONSE_STATUS_CODE_200",
"HTTP_LOCAL_RESPONSE_STATUS_CODE_204",
"HTTP_LOCAL_RESPONSE_STATUS_CODE_403",
"HTTP_LOCAL_RESPONSE_STATUS_CODE_404",
"HTTP_LOCAL_RESPONSE_STATUS_CODE_429",
"HTTP_LOCAL_RESPONSE_STATUS_CODE_501"
],
"id": "ALBHTTPLocalResponseStatusCode",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "HTTPLocalResponseStatusCode type",
"type": "string"
}
ALBHTTPMethod (type)
{
"description": "Valid ENUM values for ALBHTTPMethod",
"enum": [
"HTTP_METHOD_GET",
"HTTP_METHOD_HEAD",
"HTTP_METHOD_PUT",
"HTTP_METHOD_DELETE",
"HTTP_METHOD_POST",
"HTTP_METHOD_OPTIONS",
"HTTP_METHOD_TRACE",
"HTTP_METHOD_CONNECT",
"HTTP_METHOD_PATCH",
"HTTP_METHOD_PROPFIND",
"HTTP_METHOD_PROPPATCH",
"HTTP_METHOD_MKCOL",
"HTTP_METHOD_COPY",
"HTTP_METHOD_MOVE",
"HTTP_METHOD_LOCK",
"HTTP_METHOD_UNLOCK"
],
"id": "ALBHTTPMethod",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "HTTPMethod type",
"type": "string"
}
ALBHTTPPolicies (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HTTPPolicies object",
"id": "ALBHTTPPolicies",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"http_policy_set_path": {
"description": "path of the virtual service HTTP policy collection. It is a reference to an object of type HTTPPolicySet.",
"required": true,
"title": "Http policy set path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBVirtualService"
],
"relationshipType": "ALB_VIRTUALSERVICE_ALB_HTTPPOLICYSET_RELATIONSHIP",
"rightType": [
"ALBHTTPPolicySet"
]
}
]
},
"index": {
"description": "Index of the virtual service HTTP policy collection.",
"required": true,
"title": "Index",
"type": "integer"
}
},
"title": "HTTPPolicies",
"type": "object"
}
ALBHTTPPolicySet (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HTTPPolicySet object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBHTTPPolicySet",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"cloud_config_cksum": {
"description": "Checksum of cloud configuration for Pool. Internally set by cloud connector.",
"required": false,
"title": "Cloud config cksum",
"type": "string"
},
"created_by": {
"description": "Creator name.",
"required": false,
"title": "Created by",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"http_request_policy": {
"$ref": "ALBHTTPRequestPolicy,
"description": "HTTP request policy for the virtual service.",
"required": false,
"title": "Http request policy"
},
"http_response_policy": {
"$ref": "ALBHTTPResponsePolicy,
"description": "HTTP response policy for the virtual service.",
"required": false,
"title": "Http response policy"
},
"http_security_policy": {
"$ref": "ALBHTTPSecurityPolicy,
"description": "HTTP security policy for the virtual service.",
"required": false,
"title": "Http security policy"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_internal_policy": {
"default": false,
"description": "Placeholder for description of property is_internal_policy of obj type HTTPPolicySet field type str type boolean. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Is internal policy",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "HTTPPolicySet",
"type": "object"
}
ALBHTTPPolicySetApiResponse (type)
{
"additionalProperties": false,
"description": "HTTPPolicySetApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBHTTPPolicySetApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of HTTPPolicySet",
"items": {
"$ref": "ALBHTTPPolicySet
},
"required": false,
"title": "Array of HTTPPolicySet",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "HTTPPolicySetApiResponse",
"type": "object"
}
ALBHTTPPolicyVar (type)
{
"description": "Valid ENUM values for ALBHTTPPolicyVar",
"enum": [
"HTTP_POLICY_VAR_CLIENT_IP",
"HTTP_POLICY_VAR_VS_PORT",
"HTTP_POLICY_VAR_VS_IP",
"HTTP_POLICY_VAR_HTTP_HDR",
"HTTP_POLICY_VAR_SSL_CLIENT_FINGERPRINT",
"HTTP_POLICY_VAR_SSL_CLIENT_SERIAL",
"HTTP_POLICY_VAR_SSL_CLIENT_ISSUER",
"HTTP_POLICY_VAR_SSL_CLIENT_SUBJECT",
"HTTP_POLICY_VAR_SSL_CLIENT_RAW",
"HTTP_POLICY_VAR_SSL_PROTOCOL",
"HTTP_POLICY_VAR_SSL_SERVER_NAME",
"HTTP_POLICY_VAR_USER_NAME",
"HTTP_POLICY_VAR_SSL_CIPHER",
"HTTP_POLICY_VAR_REQUEST_ID",
"HTTP_POLICY_VAR_SSL_CLIENT_VERSION",
"HTTP_POLICY_VAR_SSL_CLIENT_SIGALG",
"HTTP_POLICY_VAR_SSL_CLIENT_NOTVALIDBEFORE",
"HTTP_POLICY_VAR_SSL_CLIENT_NOTVALIDAFTER"
],
"id": "ALBHTTPPolicyVar",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "HTTPPolicyVar type",
"type": "string"
}
ALBHTTPProtocol (type)
{
"description": "Valid ENUM values for ALBHTTPProtocol",
"enum": [
"HTTP",
"HTTPS"
],
"id": "ALBHTTPProtocol",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "HTTPProtocol type",
"type": "string"
}
ALBHTTPRedirectAction (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HTTPRedirectAction object",
"id": "ALBHTTPRedirectAction",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"host": {
"$ref": "ALBURIParam,
"description": "Host config.",
"required": false,
"title": "Host"
},
"keep_query": {
"default": true,
"description": "Keep or drop the query of the incoming request URI in the redirected URI. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Keep query",
"type": "boolean"
},
"path": {
"$ref": "ALBURIParam,
"description": "Path config.",
"required": false,
"title": "Path"
},
"port": {
"description": "Port to which redirect the request. Allowed values are 1-65535.",
"maximum": 65535,
"minimum": 1,
"required": false,
"title": "Port",
"type": "integer"
},
"protocol": {
"$ref": "ALBHTTPProtocol,
"description": "Protocol type. Enum options - HTTP, HTTPS.",
"required": true,
"title": "Protocol"
},
"status_code": {
"$ref": "ALBHTTPRedirectStatusCode,
"default": "HTTP_REDIRECT_STATUS_CODE_302",
"description": "HTTP redirect status code. Enum options - HTTP_REDIRECT_STATUS_CODE_301, HTTP_REDIRECT_STATUS_CODE_302, HTTP_REDIRECT_STATUS_CODE_307. Default value when not specified in API or module is interpreted by ALB Controller as HTTP_REDIRECT_STATUS_CODE_302.",
"required": false,
"title": "Status code"
}
},
"title": "HTTPRedirectAction",
"type": "object"
}
ALBHTTPRedirectStatusCode (type)
{
"description": "Valid ENUM values for ALBHTTPRedirectStatusCode",
"enum": [
"HTTP_REDIRECT_STATUS_CODE_301",
"HTTP_REDIRECT_STATUS_CODE_302",
"HTTP_REDIRECT_STATUS_CODE_307"
],
"id": "ALBHTTPRedirectStatusCode",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "HTTPRedirectStatusCode type",
"type": "string"
}
ALBHTTPRequestPolicy (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HTTPRequestPolicy object",
"id": "ALBHTTPRequestPolicy",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"rules": {
"description": "Add rules to the HTTP request policy.",
"items": {
"$ref": "ALBHTTPRequestRule
},
"required": false,
"title": "Rules",
"type": "array"
}
},
"title": "HTTPRequestPolicy",
"type": "object"
}
ALBHTTPRequestRule (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HTTPRequestRule object",
"id": "ALBHTTPRequestRule",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"all_headers": {
"description": "Log all HTTP headers upon rule match.",
"required": false,
"title": "All headers",
"type": "boolean"
},
"enable": {
"default": true,
"description": "Enable or disable the rule. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": true,
"title": "Enable",
"type": "boolean"
},
"hdr_action": {
"description": "HTTP header rewrite action.",
"items": {
"$ref": "ALBHTTPHdrAction
},
"required": false,
"title": "Hdr action",
"type": "array"
},
"index": {
"description": "Index of the rule.",
"required": true,
"title": "Index",
"type": "integer"
},
"log": {
"description": "Log HTTP request upon rule match.",
"required": false,
"title": "Log",
"type": "boolean"
},
"match": {
"$ref": "ALBMatchTarget,
"description": "Add match criteria to the rule.",
"required": false,
"title": "Match"
},
"name": {
"description": "Name of the rule.",
"required": true,
"title": "Name",
"type": "string"
},
"redirect_action": {
"$ref": "ALBHTTPRedirectAction,
"description": "HTTP redirect action.",
"required": false,
"title": "Redirect action"
},
"rewrite_url_action": {
"$ref": "ALBHTTPRewriteURLAction,
"description": "HTTP request URL rewrite action.",
"required": false,
"title": "Rewrite url action"
},
"switching_action": {
"$ref": "ALBHTTPSwitchingAction,
"description": "Content switching action.",
"required": false,
"title": "Switching action"
}
},
"title": "HTTPRequestRule",
"type": "object"
}
ALBHTTPReselectRespCode (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HTTPReselectRespCode object",
"id": "ALBHTTPReselectRespCode",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"codes": {
"description": "HTTP response code to be matched. Allowed values are 400-599.",
"items": {
"type": "integer"
},
"required": false,
"title": "Codes",
"type": "array"
},
"ranges": {
"description": "HTTP response code ranges to match.",
"items": {
"$ref": "ALBHTTPStatusRange
},
"required": false,
"title": "Ranges",
"type": "array"
},
"resp_code_block": {
"description": "Block of HTTP response codes to match for server reselect. Enum options - HTTP_RSP_4XX, HTTP_RSP_5XX.",
"items": {
"$ref": "ALBHttpReselectRespCodeBlock
},
"required": false,
"title": "Resp code block",
"type": "array"
}
},
"title": "HTTPReselectRespCode",
"type": "object"
}
ALBHTTPResponseCodes (type)
{
"description": "Valid ENUM values for ALBHTTPResponseCodes",
"enum": [
"HTTP_RESPONSE_CODE_0",
"HTTP_RESPONSE_CODE_100",
"HTTP_RESPONSE_CODE_101",
"HTTP_RESPONSE_CODE_200",
"HTTP_RESPONSE_CODE_201",
"HTTP_RESPONSE_CODE_202",
"HTTP_RESPONSE_CODE_203",
"HTTP_RESPONSE_CODE_204",
"HTTP_RESPONSE_CODE_205",
"HTTP_RESPONSE_CODE_206",
"HTTP_RESPONSE_CODE_300",
"HTTP_RESPONSE_CODE_301",
"HTTP_RESPONSE_CODE_302",
"HTTP_RESPONSE_CODE_303",
"HTTP_RESPONSE_CODE_304",
"HTTP_RESPONSE_CODE_305",
"HTTP_RESPONSE_CODE_307",
"HTTP_RESPONSE_CODE_400",
"HTTP_RESPONSE_CODE_401",
"HTTP_RESPONSE_CODE_402",
"HTTP_RESPONSE_CODE_403",
"HTTP_RESPONSE_CODE_404",
"HTTP_RESPONSE_CODE_405",
"HTTP_RESPONSE_CODE_406",
"HTTP_RESPONSE_CODE_407",
"HTTP_RESPONSE_CODE_408",
"HTTP_RESPONSE_CODE_409",
"HTTP_RESPONSE_CODE_410",
"HTTP_RESPONSE_CODE_411",
"HTTP_RESPONSE_CODE_412",
"HTTP_RESPONSE_CODE_413",
"HTTP_RESPONSE_CODE_414",
"HTTP_RESPONSE_CODE_415",
"HTTP_RESPONSE_CODE_416",
"HTTP_RESPONSE_CODE_417",
"HTTP_RESPONSE_CODE_426",
"HTTP_RESPONSE_CODE_470",
"HTTP_RESPONSE_CODE_475",
"HTTP_RESPONSE_CODE_500",
"HTTP_RESPONSE_CODE_501",
"HTTP_RESPONSE_CODE_502",
"HTTP_RESPONSE_CODE_503",
"HTTP_RESPONSE_CODE_504",
"HTTP_RESPONSE_CODE_505"
],
"id": "ALBHTTPResponseCodes",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "HTTPResponseCodes type",
"type": "string"
}
ALBHTTPResponsePolicy (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HTTPResponsePolicy object",
"id": "ALBHTTPResponsePolicy",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"rules": {
"description": "Add rules to the HTTP response policy.",
"items": {
"$ref": "ALBHTTPResponseRule
},
"required": false,
"title": "Rules",
"type": "array"
}
},
"title": "HTTPResponsePolicy",
"type": "object"
}
ALBHTTPResponseRule (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HTTPResponseRule object",
"id": "ALBHTTPResponseRule",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"all_headers": {
"description": "Log all HTTP headers upon rule match.",
"required": false,
"title": "All headers",
"type": "boolean"
},
"enable": {
"default": true,
"description": "Enable or disable the rule. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": true,
"title": "Enable",
"type": "boolean"
},
"hdr_action": {
"description": "HTTP header rewrite action.",
"items": {
"$ref": "ALBHTTPHdrAction
},
"required": false,
"title": "Hdr action",
"type": "array"
},
"index": {
"description": "Index of the rule.",
"required": true,
"title": "Index",
"type": "integer"
},
"loc_hdr_action": {
"$ref": "ALBHTTPRewriteLocHdrAction,
"description": "Location header rewrite action.",
"required": false,
"title": "Loc hdr action"
},
"log": {
"description": "Log HTTP request upon rule match.",
"required": false,
"title": "Log",
"type": "boolean"
},
"match": {
"$ref": "ALBResponseMatchTarget,
"description": "Add match criteria to the rule.",
"required": false,
"title": "Match"
},
"name": {
"description": "Name of the rule.",
"required": true,
"title": "Name",
"type": "string"
}
},
"title": "HTTPResponseRule",
"type": "object"
}
ALBHTTPRewriteLocHdrAction (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HTTPRewriteLocHdrAction object",
"id": "ALBHTTPRewriteLocHdrAction",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"host": {
"$ref": "ALBURIParam,
"description": "Host config.",
"required": false,
"title": "Host"
},
"keep_query": {
"default": true,
"description": "Keep or drop the query from the server side redirect URI. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Keep query",
"type": "boolean"
},
"path": {
"$ref": "ALBURIParam,
"description": "Path config.",
"required": false,
"title": "Path"
},
"port": {
"description": "Port to use in the redirected URI. Allowed values are 1-65535.",
"maximum": 65535,
"minimum": 1,
"required": false,
"title": "Port",
"type": "integer"
},
"protocol": {
"$ref": "ALBHTTPProtocol,
"description": "HTTP protocol type. Enum options - HTTP, HTTPS.",
"required": true,
"title": "Protocol"
}
},
"title": "HTTPRewriteLocHdrAction",
"type": "object"
}
ALBHTTPRewriteURLAction (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HTTPRewriteURLAction object",
"id": "ALBHTTPRewriteURLAction",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"host_hdr": {
"$ref": "ALBURIParam,
"description": "Host config.",
"required": false,
"title": "Host hdr"
},
"path": {
"$ref": "ALBURIParam,
"description": "Path config.",
"required": false,
"title": "Path"
},
"query": {
"$ref": "ALBURIParamQuery,
"description": "Query config.",
"required": false,
"title": "Query"
}
},
"title": "HTTPRewriteURLAction",
"type": "object"
}
ALBHTTPSecurityAction (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HTTPSecurityAction object",
"id": "ALBHTTPSecurityAction",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"action": {
"$ref": "ALBHTTPSecurityActionType,
"description": "Type of the security action to perform. Enum options - HTTP_SECURITY_ACTION_CLOSE_CONN, HTTP_SECURITY_ACTION_SEND_RESPONSE, HTTP_SECURITY_ACTION_ALLOW, HTTP_SECURITY_ACTION_REDIRECT_TO_HTTPS, HTTP_SECURITY_ACTION_RATE_LIMIT, HTTP_SECURITY_ACTION_REQUEST_CHECK_ICAP. Allowed in Basic(Allowed values- HTTP_SECURITY_ACTION_CLOSE_CONN,HTTP_SECURITY_ACTION_SEND_RESPONSE,HTTP_SECURITY_ACTION_REDIRECT_TO_HTTPS) edition, Essentials(Allowed values- HTTP_SECURITY_ACTION_CLOSE_CONN,HTTP_SECURITY_ACTION_SEND_RESPONSE,HTTP_SECURITY_ACTION_REDIRECT_TO_HTTPS) edition, Enterprise edition.",
"required": true,
"title": "Action"
},
"file": {
"$ref": "ALBHTTPLocalFile,
"description": "File to be used for generating HTTP local response.",
"required": false,
"title": "File"
},
"https_port": {
"description": "Secure SSL/TLS port to redirect the HTTP request to. Allowed values are 1-65535.",
"maximum": 65535,
"minimum": 1,
"required": false,
"title": "Https port",
"type": "integer"
},
"rate_profile": {
"$ref": "ALBHTTPSecurityActionRateProfile,
"description": "Rate limiting configuration for this action. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Rate profile"
},
"status_code": {
"$ref": "ALBHTTPLocalResponseStatusCode,
"description": "HTTP status code to use for local response. Enum options - HTTP_LOCAL_RESPONSE_STATUS_CODE_200, HTTP_LOCAL_RESPONSE_STATUS_CODE_204, HTTP_LOCAL_RESPONSE_STATUS_CODE_403, HTTP_LOCAL_RESPONSE_STATUS_CODE_404, HTTP_LOCAL_RESPONSE_STATUS_CODE_429, HTTP_LOCAL_RESPONSE_STATUS_CODE_501.",
"required": false,
"title": "Status code"
}
},
"title": "HTTPSecurityAction",
"type": "object"
}
ALBHTTPSecurityActionRateProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HTTPSecurityActionRateProfile object",
"id": "ALBHTTPSecurityActionRateProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"action": {
"$ref": "ALBRateLimiterAction,
"description": "The action to take when the rate limit has been reached.",
"required": true,
"title": "Action"
},
"per_client_ip": {
"description": "Rate limiting should be done on a per client ip basis.",
"required": false,
"title": "Per client ip",
"type": "boolean"
},
"per_uri_path": {
"description": "Rate limiting should be done on a per request uri path basis.",
"required": false,
"title": "Per uri path",
"type": "boolean"
},
"rate_limiter": {
"$ref": "ALBRateLimiter,
"description": "The rate limiter used when this action is triggered.",
"required": true,
"title": "Rate limiter"
}
},
"title": "HTTPSecurityActionRateProfile",
"type": "object"
}
ALBHTTPSecurityActionType (type)
{
"description": "Valid ENUM values for ALBHTTPSecurityActionType",
"enum": [
"HTTP_SECURITY_ACTION_CLOSE_CONN",
"HTTP_SECURITY_ACTION_SEND_RESPONSE",
"HTTP_SECURITY_ACTION_ALLOW",
"HTTP_SECURITY_ACTION_REDIRECT_TO_HTTPS",
"HTTP_SECURITY_ACTION_RATE_LIMIT",
"HTTP_SECURITY_ACTION_REQUEST_CHECK_ICAP"
],
"id": "ALBHTTPSecurityActionType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "HTTPSecurityActionType type",
"type": "string"
}
ALBHTTPSecurityPolicy (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HTTPSecurityPolicy object",
"id": "ALBHTTPSecurityPolicy",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"rules": {
"description": "Add rules to the HTTP security policy.",
"items": {
"$ref": "ALBHTTPSecurityRule
},
"required": false,
"title": "Rules",
"type": "array"
}
},
"title": "HTTPSecurityPolicy",
"type": "object"
}
ALBHTTPSecurityRule (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HTTPSecurityRule object",
"id": "ALBHTTPSecurityRule",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"action": {
"$ref": "ALBHTTPSecurityAction,
"description": "Action to be performed upon successful matching.",
"required": false,
"title": "Action"
},
"enable": {
"default": true,
"description": "Enable or disable the rule. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": true,
"title": "Enable",
"type": "boolean"
},
"index": {
"description": "Index of the rule.",
"required": true,
"title": "Index",
"type": "integer"
},
"log": {
"description": "Log HTTP request upon rule match.",
"required": false,
"title": "Log",
"type": "boolean"
},
"match": {
"$ref": "ALBMatchTarget,
"description": "Add match criteria to the rule.",
"required": false,
"title": "Match"
},
"name": {
"description": "Name of the rule.",
"required": true,
"title": "Name",
"type": "string"
}
},
"title": "HTTPSecurityRule",
"type": "object"
}
ALBHTTPServerReselect (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HTTPServerReselect object",
"id": "ALBHTTPServerReselect",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"enabled": {
"default": false,
"description": "Enable HTTP request reselect when server responds with specific response codes. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": true,
"title": "Enabled",
"type": "boolean"
},
"num_retries": {
"default": 4,
"description": "Number of times to retry an HTTP request when server responds with configured status codes. Default value when not specified in API or module is interpreted by ALB Controller as 4.",
"minimum": 0,
"required": false,
"title": "Num retries",
"type": "integer"
},
"retry_nonidempotent": {
"default": false,
"description": "Allow retry of non-idempotent HTTP requests. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Retry nonidempotent",
"type": "boolean"
},
"retry_timeout": {
"default": 0,
"description": "Timeout per retry attempt, for a given request. Value of 0 indicates default timeout. Allowed values are 0-3600000. Unit is MILLISECONDS. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"maximum": 3600000,
"minimum": 0,
"required": false,
"title": "Retry timeout",
"type": "integer"
},
"svr_resp_code": {
"$ref": "ALBHTTPReselectRespCode,
"description": "Server response codes which will trigger an HTTP request retry.",
"required": false,
"title": "Svr resp code"
}
},
"title": "HTTPServerReselect",
"type": "object"
}
ALBHTTPStatusMatch (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HTTPStatusMatch object",
"id": "ALBHTTPStatusMatch",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"match_criteria": {
"$ref": "ALBMatchOperation,
"description": "Criterion to use for matching the HTTP response status code(s). Enum options - IS_IN, IS_NOT_IN.",
"required": true,
"title": "Match criteria"
},
"ranges": {
"description": "HTTP response status code range(s).",
"items": {
"$ref": "ALBHTTPStatusRange
},
"required": false,
"title": "Ranges",
"type": "array"
},
"status_codes": {
"description": "HTTP response status code(s).",
"items": {
"type": "integer"
},
"required": false,
"title": "Status codes",
"type": "array"
}
},
"title": "HTTPStatusMatch",
"type": "object"
}
ALBHTTPStatusRange (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HTTPStatusRange object",
"id": "ALBHTTPStatusRange",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"begin": {
"description": "Starting HTTP response status code.",
"required": true,
"title": "Begin",
"type": "integer"
},
"end": {
"description": "Ending HTTP response status code.",
"required": true,
"title": "End",
"type": "integer"
}
},
"title": "HTTPStatusRange",
"type": "object"
}
ALBHTTPSwitchingAction (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HTTPSwitchingAction object",
"id": "ALBHTTPSwitchingAction",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"action": {
"$ref": "ALBHTTPSwitchingActionType,
"description": "Content switching action type. Enum options - HTTP_SWITCHING_SELECT_POOL, HTTP_SWITCHING_SELECT_LOCAL, HTTP_SWITCHING_SELECT_POOLGROUP. Allowed in Essentials(Allowed values- HTTP_SWITCHING_SELECT_POOL,HTTP_SWITCHING_SELECT_LOCAL) edition, Enterprise edition.",
"required": true,
"title": "Action"
},
"file": {
"$ref": "ALBHTTPLocalFile,
"description": "File from which to serve local response to the request.",
"required": false,
"title": "File"
},
"pool_group_path": {
"description": "path of the pool group to serve the request. It is a reference to an object of type PoolGroup.",
"required": false,
"title": "Pool group path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBHTTPPolicySet"
],
"relationshipType": "ALB_HTTPPOLICYSET_ALB_POOLGROUP_RELATIONSHIP",
"rightType": [
"ALBPoolGroup"
]
}
]
},
"pool_path": {
"description": "path of the pool of servers to serve the request. It is a reference to an object of type Pool.",
"required": false,
"title": "Pool path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBHTTPPolicySet"
],
"relationshipType": "ALB_HTTPPOLICYSET_ALB_POOL_RELATIONSHIP",
"rightType": [
"ALBPool"
]
}
]
},
"server": {
"$ref": "ALBPoolServer,
"description": "Specific pool server to select.",
"required": false,
"title": "Server"
},
"status_code": {
"$ref": "ALBHTTPLocalResponseStatusCode,
"description": "HTTP status code to use when serving local response. Enum options - HTTP_LOCAL_RESPONSE_STATUS_CODE_200, HTTP_LOCAL_RESPONSE_STATUS_CODE_204, HTTP_LOCAL_RESPONSE_STATUS_CODE_403, HTTP_LOCAL_RESPONSE_STATUS_CODE_404, HTTP_LOCAL_RESPONSE_STATUS_CODE_429, HTTP_LOCAL_RESPONSE_STATUS_CODE_501.",
"required": false,
"title": "Status code"
}
},
"title": "HTTPSwitchingAction",
"type": "object"
}
ALBHTTPSwitchingActionType (type)
{
"description": "Valid ENUM values for ALBHTTPSwitchingActionType",
"enum": [
"HTTP_SWITCHING_SELECT_POOL",
"HTTP_SWITCHING_SELECT_LOCAL",
"HTTP_SWITCHING_SELECT_POOLGROUP"
],
"id": "ALBHTTPSwitchingActionType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "HTTPSwitchingActionType type",
"type": "string"
}
ALBHTTPVersion (type)
{
"description": "Valid ENUM values for ALBHTTPVersion",
"enum": [
"ZERO_NINE",
"ONE_ZERO",
"ONE_ONE",
"TWO_ZERO"
],
"id": "ALBHTTPVersion",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "HTTPVersion type",
"type": "string"
}
ALBHTTPVersionMatch (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HTTPVersionMatch object",
"id": "ALBHTTPVersionMatch",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"match_criteria": {
"$ref": "ALBMatchOperation,
"description": "Criterion to use for HTTP version matching the version used in the HTTP request. Enum options - IS_IN, IS_NOT_IN.",
"required": true,
"title": "Match criteria"
},
"versions": {
"description": "HTTP protocol version. Enum options - ZERO_NINE, ONE_ZERO, ONE_ONE, TWO_ZERO. Minimum of 1 items required. Maximum of 8 items allowed. Allowed in Basic(Allowed values- ONE_ZERO,ONE_ONE) edition, Essentials(Allowed values- ONE_ZERO,ONE_ONE) edition, Enterprise edition.",
"items": {
"$ref": "ALBHTTPVersion
},
"required": true,
"title": "Versions",
"type": "array"
}
},
"title": "HTTPVersionMatch",
"type": "object"
}
ALBHardwareSecurityModule (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HardwareSecurityModule object",
"id": "ALBHardwareSecurityModule",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"cloudhsm": {
"$ref": "ALBHSMAwsCloudHsm,
"description": "AWS CloudHSM specific configuration.",
"required": false,
"title": "Cloudhsm"
},
"nethsm": {
"description": "Thales netHSM specific configuration.",
"items": {
"$ref": "ALBHSMThalesNetHsm
},
"required": false,
"title": "Nethsm",
"type": "array"
},
"rfs": {
"$ref": "ALBHSMThalesRFS,
"description": "Thales Remote File Server (RFS), used for the netHSMs, configuration.",
"required": false,
"title": "Rfs"
},
"sluna": {
"$ref": "ALBHSMSafenetLuna,
"description": "Safenet/Gemalto Luna/Gem specific configuration.",
"required": false,
"title": "Sluna"
},
"type": {
"$ref": "ALBHSMType,
"description": "HSM type to use. Enum options - HSM_TYPE_THALES_NETHSM, HSM_TYPE_SAFENET_LUNA, HSM_TYPE_AWS_CLOUDHSM.",
"required": true,
"title": "Type"
}
},
"title": "HardwareSecurityModule",
"type": "object"
}
ALBHardwareSecurityModuleGroup (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HardwareSecurityModuleGroup object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBHardwareSecurityModuleGroup",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"hsm": {
"$ref": "ALBHardwareSecurityModule,
"description": "Hardware Security Module configuration.",
"required": true,
"title": "Hsm"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "HardwareSecurityModuleGroup",
"type": "object"
}
ALBHardwareSecurityModuleGroupApiResponse (type)
{
"additionalProperties": false,
"description": "HardwareSecurityModuleGroupApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBHardwareSecurityModuleGroupApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of HardwareSecurityModuleGroup",
"items": {
"$ref": "ALBHardwareSecurityModuleGroup
},
"required": false,
"title": "Array of HardwareSecurityModuleGroup",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "HardwareSecurityModuleGroupApiResponse",
"type": "object"
}
ALBHdrMatch (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HdrMatch object",
"id": "ALBHdrMatch",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"hdr": {
"description": "Name of the HTTP header whose value is to be matched.",
"required": true,
"title": "Hdr",
"type": "string"
},
"match_case": {
"$ref": "ALBMatchCase,
"default": "INSENSITIVE",
"description": "Case sensitivity to use for the match. Enum options - SENSITIVE, INSENSITIVE. Default value when not specified in API or module is interpreted by ALB Controller as INSENSITIVE.",
"required": false,
"title": "Match case"
},
"match_criteria": {
"$ref": "ALBHdrMatchOperation,
"description": "Criterion to use for matching headers in the HTTP request. Enum options - HDR_EXISTS, HDR_DOES_NOT_EXIST, HDR_BEGINS_WITH, HDR_DOES_NOT_BEGIN_WITH, HDR_CONTAINS, HDR_DOES_NOT_CONTAIN, HDR_ENDS_WITH, HDR_DOES_NOT_END_WITH, HDR_EQUALS, HDR_DOES_NOT_EQUAL.",
"required": true,
"title": "Match criteria"
},
"value": {
"description": "String values to match in the HTTP header.",
"items": {
"type": "string"
},
"required": false,
"title": "Value",
"type": "array"
}
},
"title": "HdrMatch",
"type": "object"
}
ALBHdrMatchOperation (type)
{
"description": "Valid ENUM values for ALBHdrMatchOperation",
"enum": [
"HDR_EXISTS",
"HDR_DOES_NOT_EXIST",
"HDR_BEGINS_WITH",
"HDR_DOES_NOT_BEGIN_WITH",
"HDR_CONTAINS",
"HDR_DOES_NOT_CONTAIN",
"HDR_ENDS_WITH",
"HDR_DOES_NOT_END_WITH",
"HDR_EQUALS",
"HDR_DOES_NOT_EQUAL"
],
"id": "ALBHdrMatchOperation",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "HdrMatchOperation type",
"type": "string"
}
ALBHdrPersistenceProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HdrPersistenceProfile object",
"id": "ALBHdrPersistenceProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"prst_hdr_name": {
"description": "Header name for custom header persistence.",
"required": false,
"title": "Prst hdr name",
"type": "string"
}
},
"title": "HdrPersistenceProfile",
"type": "object"
}
ALBHealthMonitor (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HealthMonitor object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBHealthMonitor",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"allow_duplicate_monitors": {
"description": "By default, multiple instances of the same healthmonitor to the same server are suppressed intelligently. In rare cases, the monitor may have specific constructs that go beyond the server keys (ip, port, etc.) during which such suppression is not desired. Use this knob to allow duplicates. Allowed in Basic(Allowed values- true) edition, Essentials(Allowed values- true) edition, Enterprise edition.",
"required": false,
"title": "Allow duplicate monitors",
"type": "boolean"
},
"authentication": {
"$ref": "ALBHealthMonitorAuthInfo,
"description": "Authentication information for username/password. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Authentication"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"disable_quickstart": {
"description": "During addition of a server or healthmonitors or during bootup, Avi performs sequential health checks rather than waiting for send-interval to kick in, to mark the server up as soon as possible. This knob may be used to turn this feature off. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition.",
"required": false,
"title": "Disable quickstart",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dns_monitor": {
"$ref": "ALBHealthMonitorDNS,
"description": "Placeholder for description of property dns_monitor of obj type HealthMonitor field type str type ref.",
"required": false,
"title": "Dns monitor"
},
"external_monitor": {
"$ref": "ALBHealthMonitorExternal,
"description": "Placeholder for description of property external_monitor of obj type HealthMonitor field type str type ref.",
"required": false,
"title": "External monitor"
},
"failed_checks": {
"default": 2,
"description": "Number of continuous failed health checks before the server is marked down. Allowed values are 1-50. Default value when not specified in API or module is interpreted by ALB Controller as 2.",
"maximum": 50,
"minimum": 1,
"required": false,
"title": "Failed checks",
"type": "integer"
},
"http_monitor": {
"$ref": "ALBHealthMonitorHttp,
"description": "Placeholder for description of property http_monitor of obj type HealthMonitor field type str type ref.",
"required": false,
"title": "Http monitor"
},
"https_monitor": {
"$ref": "ALBHealthMonitorHttp,
"description": "Placeholder for description of property https_monitor of obj type HealthMonitor field type str type ref.",
"required": false,
"title": "Https monitor"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"imap_monitor": {
"$ref": "ALBHealthMonitorImap,
"description": "Health monitor for IMAP.",
"required": false,
"title": "Imap monitor"
},
"imaps_monitor": {
"$ref": "ALBHealthMonitorImap,
"description": "Health monitor for IMAPS.",
"required": false,
"title": "Imaps monitor"
},
"is_federated": {
"default": false,
"description": "This field describes the object's replication scope. If the field is set to false, then the object is visible within the controller-cluster and its associated service-engines. If the field is set to true, then the object is replicated across the federation. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Is federated",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"monitor_port": {
"description": "Use this port instead of the port defined for the server in the Pool. If the monitor succeeds to this port, the load balanced traffic will still be sent to the port of the server defined within the Pool. Allowed values are 1-65535. Special values are 0 - 'Use server port'.",
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Monitor port",
"type": "integer"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pop3_monitor": {
"$ref": "ALBHealthMonitorPop3,
"description": "Health monitor for POP3.",
"required": false,
"title": "Pop3 monitor"
},
"pop3s_monitor": {
"$ref": "ALBHealthMonitorPop3,
"description": "Health monitor for POP3S.",
"required": false,
"title": "Pop3s monitor"
},
"radius_monitor": {
"$ref": "ALBHealthMonitorRadius,
"description": "Health monitor for Radius. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Radius monitor"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"receive_timeout": {
"default": 4,
"description": "A valid response from the server is expected within the receive timeout window. This timeout must be less than the send interval. If server status is regularly flapping up and down, consider increasing this value. Allowed values are 1-2400. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 4.",
"maximum": 2400,
"minimum": 1,
"required": false,
"title": "Receive timeout",
"type": "integer"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"send_interval": {
"default": 10,
"description": "Frequency, in seconds, that monitors are sent to a server. Allowed values are 1-3600. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 10.",
"maximum": 3600,
"minimum": 1,
"required": false,
"title": "Send interval",
"type": "integer"
},
"sip_monitor": {
"$ref": "ALBHealthMonitorSIP,
"description": "Health monitor for SIP. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Sip monitor"
},
"smtp_monitor": {
"$ref": "ALBHealthMonitorSmtp,
"description": "Health monitor for SMTP.",
"required": false,
"title": "Smtp monitor"
},
"smtps_monitor": {
"$ref": "ALBHealthMonitorSmtp,
"description": "Health monitor for SMTPS.",
"required": false,
"title": "Smtps monitor"
},
"successful_checks": {
"default": 2,
"description": "Number of continuous successful health checks before server is marked up. Allowed values are 1-50. Default value when not specified in API or module is interpreted by ALB Controller as 2.",
"maximum": 50,
"minimum": 1,
"required": false,
"title": "Successful checks",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_monitor": {
"$ref": "ALBHealthMonitorTcp,
"description": "Placeholder for description of property tcp_monitor of obj type HealthMonitor field type str type ref.",
"required": false,
"title": "Tcp monitor"
},
"type": {
"$ref": "ALBHealthMonitorType,
"description": "Type of the health monitor. Enum options - HEALTH_MONITOR_PING, HEALTH_MONITOR_TCP, HEALTH_MONITOR_HTTP, HEALTH_MONITOR_HTTPS, HEALTH_MONITOR_EXTERNAL, HEALTH_MONITOR_UDP, HEALTH_MONITOR_DNS, HEALTH_MONITOR_GSLB, HEALTH_MONITOR_SIP, HEALTH_MONITOR_RADIUS, HEALTH_MONITOR_SMTP, HEALTH_MONITOR_SMTPS, HEALTH_MONITOR_POP3, HEALTH_MONITOR_POP3S, HEALTH_MONITOR_IMAP, HEALTH_MONITOR_IMAPS. Allowed in Basic(Allowed values- HEALTH_MONITOR_PING,HEALTH_MONITOR_TCP,HEALTH_MONITOR_UDP,HEALTH_MONITOR_HTTP,HEALTH_MONITOR_HTTPS) edition, Essentials(Allowed values- HEALTH_MONITOR_PING,HEALTH_MONITOR_TCP,HEALTH_MONITOR_UDP) edition, Enterprise edition.",
"required": true,
"title": "Type"
},
"udp_monitor": {
"$ref": "ALBHealthMonitorUdp,
"description": "Placeholder for description of property udp_monitor of obj type HealthMonitor field type str type ref.",
"required": false,
"title": "Udp monitor"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "HealthMonitor",
"type": "object"
}
ALBHealthMonitorApiResponse (type)
{
"additionalProperties": false,
"description": "HealthMonitorApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBHealthMonitorApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of HealthMonitor",
"items": {
"$ref": "ALBHealthMonitor
},
"required": false,
"title": "Array of HealthMonitor",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "HealthMonitorApiResponse",
"type": "object"
}
ALBHealthMonitorAuthInfo (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HealthMonitorAuthInfo object",
"id": "ALBHealthMonitorAuthInfo",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"password": {
"description": "Password for server authentication.",
"required": true,
"sensitive": true,
"title": "Password",
"type": "string"
},
"username": {
"description": "Username for server authentication.",
"required": true,
"sensitive": true,
"title": "Username",
"type": "string"
}
},
"title": "HealthMonitorAuthInfo",
"type": "object"
}
ALBHealthMonitorAuthType (type)
{
"description": "Valid ENUM values for ALBHealthMonitorAuthType",
"enum": [
"AUTH_BASIC",
"AUTH_NTLM"
],
"id": "ALBHealthMonitorAuthType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "HealthMonitorAuthType type",
"type": "string"
}
ALBHealthMonitorDNS (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HealthMonitorDNS object",
"id": "ALBHealthMonitorDNS",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"qtype": {
"$ref": "ALBHealthMonitorDNSQueryType,
"default": "DNS_QUERY_TYPE",
"description": "Query_Type Response has atleast one answer of which the resource record type matches the query type Any_Type Response should contain atleast one answer AnyThing An empty answer is enough. Enum options - DNS_QUERY_TYPE, DNS_ANY_TYPE, DNS_ANY_THING. Default value when not specified in API or module is interpreted by ALB Controller as DNS_QUERY_TYPE.",
"required": false,
"title": "Qtype"
},
"query_name": {
"description": "The DNS monitor will query the DNS server for the fully qualified name in this field.",
"required": true,
"title": "Query name",
"type": "string"
},
"rcode": {
"$ref": "ALBHealthMonitorDNSRcode,
"default": "RCODE_NO_ERROR",
"description": "When No Error is selected, a DNS query will be marked failed is any error code is returned by the server. With Any selected, the monitor ignores error code in the responses. Enum options - RCODE_NO_ERROR, RCODE_ANYTHING. Default value when not specified in API or module is interpreted by ALB Controller as RCODE_NO_ERROR.",
"required": false,
"title": "Rcode"
},
"record_type": {
"$ref": "ALBDnsRecordType,
"default": "DNS_RECORD_A",
"description": "Resource record type used in the healthmonitor DNS query, only A or AAAA type supported. Enum options - DNS_RECORD_OTHER, DNS_RECORD_A, DNS_RECORD_NS, DNS_RECORD_CNAME, DNS_RECORD_SOA, DNS_RECORD_PTR, DNS_RECORD_HINFO, DNS_RECORD_MX, DNS_RECORD_TXT, DNS_RECORD_RP, DNS_RECORD_DNSKEY, DNS_RECORD_AAAA, DNS_RECORD_SRV, DNS_RECORD_OPT, DNS_RECORD_RRSIG, DNS_RECORD_AXFR, DNS_RECORD_ANY. Default value when not specified in API or module is interpreted by ALB Controller as DNS_RECORD_A.",
"required": false,
"title": "Record type"
},
"response_string": {
"description": "The resource record of the queried DNS server's response for the Request Name must include the IP address defined in this field.",
"required": false,
"title": "Response string",
"type": "string"
}
},
"title": "HealthMonitorDNS",
"type": "object"
}
ALBHealthMonitorDNSQueryType (type)
{
"description": "Valid ENUM values for ALBHealthMonitorDNSQueryType",
"enum": [
"DNS_QUERY_TYPE",
"DNS_ANY_TYPE",
"DNS_ANY_THING"
],
"id": "ALBHealthMonitorDNSQueryType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "HealthMonitorDNSQueryType type",
"type": "string"
}
ALBHealthMonitorDNSRcode (type)
{
"description": "Valid ENUM values for ALBHealthMonitorDNSRcode",
"enum": [
"RCODE_NO_ERROR",
"RCODE_ANYTHING"
],
"id": "ALBHealthMonitorDNSRcode",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "HealthMonitorDNSRcode type",
"type": "string"
}
ALBHealthMonitorExternal (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HealthMonitorExternal object",
"id": "ALBHealthMonitorExternal",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"command_code": {
"description": "Command script provided inline.",
"required": true,
"title": "Command code",
"type": "string"
},
"command_parameters": {
"description": "Optional arguments to feed into the script.",
"required": false,
"title": "Command parameters",
"type": "string"
},
"command_path": {
"description": "Path of external health monitor script.",
"required": false,
"title": "Command path",
"type": "string"
},
"command_variables": {
"description": "Environment variables to be fed into the script.",
"required": false,
"title": "Command variables",
"type": "string"
}
},
"title": "HealthMonitorExternal",
"type": "object"
}
ALBHealthMonitorHttp (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HealthMonitorHttp object",
"id": "ALBHealthMonitorHttp",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"auth_type": {
"$ref": "ALBHealthMonitorAuthType,
"description": "Type of the authentication method. Enum options - AUTH_BASIC, AUTH_NTLM. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Auth type"
},
"exact_http_request": {
"default": false,
"description": "Use the exact http_request string as specified by user, without any automatic insert of headers like Host header. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Exact http request",
"type": "boolean"
},
"http_request": {
"default": "GET / HTTP/1.0",
"description": "Send an HTTP request to the server. The default GET / HTTP/1.0 may be extended with additional headers or information. For instance, GET /index.htm HTTP/1.1 Host www.site.com Connection Close. Default value when not specified in API or module is interpreted by ALB Controller as GET / HTTP/1.0.",
"required": false,
"title": "Http request",
"type": "string"
},
"http_request_body": {
"description": "HTTP request body.",
"required": false,
"title": "Http request body",
"type": "string"
},
"http_response": {
"description": "Match for a keyword in the first 2Kb of the server header and body response.",
"required": false,
"title": "Http response",
"type": "string"
},
"http_response_code": {
"description": "List of HTTP response codes to match as successful. Default is 2xx. Enum options - HTTP_ANY, HTTP_1XX, HTTP_2XX, HTTP_3XX, HTTP_4XX, HTTP_5XX. Minimum of 1 items required.",
"items": {
"$ref": "ALBHttpResponseCode
},
"required": true,
"title": "Http response code",
"type": "array"
},
"maintenance_code": {
"description": "Match or look for this HTTP response code indicating server maintenance. A successful match results in the server being marked down. Allowed values are 101-599. Maximum of 4 items allowed.",
"items": {
"type": "integer"
},
"required": false,
"title": "Maintenance code",
"type": "array"
},
"maintenance_response": {
"description": "Match or look for this keyword in the first 2KB of server header and body response indicating server maintenance. A successful match results in the server being marked down.",
"required": false,
"title": "Maintenance response",
"type": "string"
},
"response_size": {
"description": "Expected http/https response page size. Allowed values are 2048-16384.",
"maximum": 16384,
"minimum": 2048,
"required": false,
"title": "Response size",
"type": "integer"
},
"ssl_attributes": {
"$ref": "ALBHealthMonitorSSLAttributes,
"description": "SSL attributes for HTTPS health monitor.",
"required": false,
"title": "Ssl attributes"
}
},
"title": "HealthMonitorHttp",
"type": "object"
}
ALBHealthMonitorImap (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HealthMonitorImap object",
"id": "ALBHealthMonitorImap",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"folder": {
"description": "Folder to access.",
"required": false,
"title": "Folder",
"type": "string"
},
"ssl_attributes": {
"$ref": "ALBHealthMonitorSSLAttributes,
"description": "SSL attributes for IMAPS monitor.",
"required": false,
"title": "Ssl attributes"
}
},
"title": "HealthMonitorImap",
"type": "object"
}
ALBHealthMonitorPop3 (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HealthMonitorPop3 object",
"id": "ALBHealthMonitorPop3",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"ssl_attributes": {
"$ref": "ALBHealthMonitorSSLAttributes,
"description": "SSL attributes for POP3S monitor.",
"required": false,
"title": "Ssl attributes"
}
},
"title": "HealthMonitorPop3",
"type": "object"
}
ALBHealthMonitorRadius (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HealthMonitorRadius object",
"id": "ALBHealthMonitorRadius",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"password": {
"description": "Radius monitor will query Radius server with this password.",
"required": true,
"sensitive": true,
"title": "Password",
"type": "string"
},
"shared_secret": {
"description": "Radius monitor will query Radius server with this shared secret.",
"required": true,
"sensitive": true,
"title": "Shared secret",
"type": "string"
},
"username": {
"description": "Radius monitor will query Radius server with this username.",
"required": true,
"title": "Username",
"type": "string"
}
},
"title": "HealthMonitorRadius",
"type": "object"
}
ALBHealthMonitorSIP (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HealthMonitorSIP object",
"id": "ALBHealthMonitorSIP",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"sip_monitor_transport": {
"$ref": "ALBSipMonTransport,
"default": "SIP_UDP_PROTO",
"description": "Specify the transport protocol TCP or UDP, to be used for SIP health monitor. The default transport is UDP. Enum options - SIP_UDP_PROTO, SIP_TCP_PROTO. Default value when not specified in API or module is interpreted by ALB Controller as SIP_UDP_PROTO.",
"required": false,
"title": "Sip monitor transport"
},
"sip_request_code": {
"$ref": "ALBSipRequestCode,
"default": "SIP_OPTIONS",
"description": "Specify the SIP request to be sent to the server. By default, SIP OPTIONS request will be sent. Enum options - SIP_OPTIONS. Default value when not specified in API or module is interpreted by ALB Controller as SIP_OPTIONS.",
"required": false,
"title": "Sip request code"
},
"sip_response": {
"default": "SIP/2.0",
"description": "Match for a keyword in the first 2KB of the server header and body response. By default, it matches for SIP/2.0. Default value when not specified in API or module is interpreted by ALB Controller as SIP/2.0.",
"required": false,
"title": "Sip response",
"type": "string"
}
},
"title": "HealthMonitorSIP",
"type": "object"
}
ALBHealthMonitorSSLAttributes (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HealthMonitorSSLAttributes object",
"id": "ALBHealthMonitorSSLAttributes",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"pki_profile_path": {
"description": "PKI profile used to validate the SSL certificate presented by a server. It is a reference to an object of type PKIProfile.",
"required": false,
"title": "Pki profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBHealthMonitor"
],
"relationshipType": "ALB_HEALTHMONITOR_ALB_PKIPROFILE_RELATIONSHIP",
"rightType": [
"ALBPKIProfile"
]
}
]
},
"server_name": {
"description": "Fully qualified DNS hostname which will be used in the TLS SNI extension in server connections indicating SNI is enabled.",
"required": false,
"title": "Server name",
"type": "string"
},
"ssl_key_and_certificate_path": {
"description": "Service engines will present this SSL certificate to the server. It is a reference to an object of type SSLKeyAndCertificate.",
"required": false,
"title": "Ssl key and certificate path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBHealthMonitor"
],
"relationshipType": "ALB_HEALTHMONITOR_ALB_SSLKEYANDCERTIFICATE_RELATIONSHIP",
"rightType": [
"ALBSSLKeyAndCertificate"
]
}
]
},
"ssl_profile_path": {
"description": "SSL profile defines ciphers and SSL versions to be used for healthmonitor traffic to the back-end servers. It is a reference to an object of type SSLProfile.",
"required": true,
"title": "Ssl profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBHealthMonitor"
],
"relationshipType": "ALB_HEALTHMONITOR_ALB_SSLPROFILE_RELATIONSHIP",
"rightType": [
"ALBSSLProfile"
]
}
]
}
},
"title": "HealthMonitorSSLAttributes",
"type": "object"
}
ALBHealthMonitorSmtp (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HealthMonitorSmtp object",
"id": "ALBHealthMonitorSmtp",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"domainname": {
"description": "Sender domain name.",
"required": false,
"title": "Domainname",
"type": "string"
},
"mail_data": {
"description": "Mail data.",
"required": false,
"title": "Mail data",
"type": "string"
},
"recipients_ids": {
"description": "Mail recipients.",
"items": {
"type": "string"
},
"required": false,
"title": "Recipients ids",
"type": "array"
},
"sender_id": {
"description": "Mail sender.",
"required": false,
"title": "Sender id",
"type": "string"
},
"ssl_attributes": {
"$ref": "ALBHealthMonitorSSLAttributes,
"description": "SSL attributes for SMTPS monitor.",
"required": false,
"title": "Ssl attributes"
}
},
"title": "HealthMonitorSmtp",
"type": "object"
}
ALBHealthMonitorTcp (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HealthMonitorTcp object",
"id": "ALBHealthMonitorTcp",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"maintenance_response": {
"description": "Match or look for this keyword in the first 2KB of server's response indicating server maintenance. A successful match results in the server being marked down.",
"required": false,
"title": "Maintenance response",
"type": "string"
},
"tcp_half_open": {
"default": false,
"description": "Configure TCP health monitor to use half-open TCP connections to monitor the health of backend servers thereby avoiding consumption of a full fledged server side connection and the overhead and logs associated with it. This method is light-weight as it makes use of listener in server's kernel layer to measure the health and a child socket or user thread is not created on the server side. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Tcp half open",
"type": "boolean"
},
"tcp_request": {
"description": "Request data to send after completing the TCP handshake.",
"required": false,
"title": "Tcp request",
"type": "string"
},
"tcp_response": {
"description": "Match for the desired keyword in the first 2Kb of the server's TCP response. If this field is left blank, no server response is required.",
"required": false,
"title": "Tcp response",
"type": "string"
}
},
"title": "HealthMonitorTcp",
"type": "object"
}
ALBHealthMonitorType (type)
{
"description": "Valid ENUM values for ALBHealthMonitorType",
"enum": [
"HEALTH_MONITOR_PING",
"HEALTH_MONITOR_TCP",
"HEALTH_MONITOR_HTTP",
"HEALTH_MONITOR_HTTPS",
"HEALTH_MONITOR_EXTERNAL",
"HEALTH_MONITOR_UDP",
"HEALTH_MONITOR_DNS",
"HEALTH_MONITOR_GSLB",
"HEALTH_MONITOR_SIP",
"HEALTH_MONITOR_RADIUS",
"HEALTH_MONITOR_SMTP",
"HEALTH_MONITOR_SMTPS",
"HEALTH_MONITOR_POP3",
"HEALTH_MONITOR_POP3S",
"HEALTH_MONITOR_IMAP",
"HEALTH_MONITOR_IMAPS"
],
"id": "ALBHealthMonitorType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "HealthMonitorType type",
"type": "string"
}
ALBHealthMonitorUdp (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HealthMonitorUdp object",
"id": "ALBHealthMonitorUdp",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"maintenance_response": {
"description": "Match or look for this keyword in the first 2KB of server's response indicating server maintenance. A successful match results in the server being marked down.",
"required": false,
"title": "Maintenance response",
"type": "string"
},
"udp_request": {
"description": "Send UDP request.",
"required": false,
"title": "Udp request",
"type": "string"
},
"udp_response": {
"description": "Match for keyword in the UDP response.",
"required": false,
"title": "Udp response",
"type": "string"
}
},
"title": "HealthMonitorUdp",
"type": "object"
}
ALBHostHdrMatch (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HostHdrMatch object",
"id": "ALBHostHdrMatch",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"match_case": {
"$ref": "ALBMatchCase,
"default": "INSENSITIVE",
"description": "Case sensitivity to use for the match. Enum options - SENSITIVE, INSENSITIVE. Default value when not specified in API or module is interpreted by ALB Controller as INSENSITIVE.",
"required": false,
"title": "Match case"
},
"match_criteria": {
"$ref": "ALBHdrMatchOperation,
"description": "Criterion to use for the host header value match. Enum options - HDR_EXISTS, HDR_DOES_NOT_EXIST, HDR_BEGINS_WITH, HDR_DOES_NOT_BEGIN_WITH, HDR_CONTAINS, HDR_DOES_NOT_CONTAIN, HDR_ENDS_WITH, HDR_DOES_NOT_END_WITH, HDR_EQUALS, HDR_DOES_NOT_EQUAL.",
"required": true,
"title": "Match criteria"
},
"value": {
"description": "String value(s) in the host header.",
"items": {
"type": "string"
},
"required": false,
"title": "Value",
"type": "array"
}
},
"title": "HostHdrMatch",
"type": "object"
}
ALBHttpCacheConfig (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HttpCacheConfig object",
"id": "ALBHttpCacheConfig",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"age_header": {
"default": true,
"description": "Add an Age header to content served from cache, which indicates to the client the number of seconds the object has been in the cache. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Age header",
"type": "boolean"
},
"aggressive": {
"default": false,
"description": "Enable/disable caching objects without Cache-Control headers. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Aggressive",
"type": "boolean"
},
"date_header": {
"default": true,
"description": "If a Date header was not added by the server, add a Date header to the object served from cache. This indicates to the client when the object was originally sent by the server to the cache. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Date header",
"type": "boolean"
},
"default_expire": {
"default": 600,
"description": "Default expiration time of cache objects received from the server without a Cache-Control expiration header. This value may be overwritten by the Heuristic Expire setting. Default value when not specified in API or module is interpreted by ALB Controller as 600.",
"required": false,
"title": "Default expire",
"type": "integer"
},
"enabled": {
"default": false,
"description": "Enable/disable HTTP object caching.When enabling caching for the first time, SE Group app_cache_percent must be set to allocate shared memory required for caching (A service engine restart is needed after setting/resetting the SE group value). Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Enabled",
"type": "boolean"
},
"heuristic_expire": {
"default": false,
"description": "If a response object from the server does not include the Cache-Control header, but does include a Last-Modified header, the system will use this time to calculate the Cache-Control expiration. If unable to solicit an Last-Modified header, then the system will fall back to the Cache Expire Time value. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Heuristic expire",
"type": "boolean"
},
"ignore_request_cache_control": {
"default": false,
"description": "Ignore client's cache control headers when fetching or storing from and to the cache. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Ignore request cache control",
"type": "boolean"
},
"max_cache_size": {
"default": 0,
"description": "Max size, in bytes, of the cache. The default, zero, indicates auto configuration. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"required": false,
"title": "Max cache size",
"type": "integer"
},
"max_object_size": {
"default": 4194304,
"description": "Maximum size of an object to store in the cache. Default value when not specified in API or module is interpreted by ALB Controller as 4194304.",
"required": false,
"title": "Max object size",
"type": "integer"
},
"mime_types_block_group_paths": {
"description": "Blocklist string group of non-cacheable mime types. It is a reference to an object of type StringGroup.",
"items": {
"type": "string"
},
"required": false,
"title": "Mime types block group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBApplicationProfile"
],
"relationshipType": "ALB_APPLICATIONPROFILE_ALB_STRINGGROUP_RELATIONSHIP",
"rightType": [
"ALBStringGroup"
]
}
]
},
"mime_types_block_lists": {
"description": "Blocklist of non-cacheable mime types.",
"items": {
"type": "string"
},
"required": false,
"title": "Mime types block lists",
"type": "array"
},
"mime_types_group_paths": {
"description": "Allowlist string group of cacheable mime types. If both Cacheable Mime Types string list and string group are empty, this defaults to (STAR)/(STAR). It is a reference to an object of type StringGroup.",
"items": {
"type": "string"
},
"required": false,
"title": "Mime types group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBApplicationProfile"
],
"relationshipType": "ALB_APPLICATIONPROFILE_ALB_STRINGGROUP_RELATIONSHIP",
"rightType": [
"ALBStringGroup"
]
}
]
},
"mime_types_list": {
"description": "Allowlist of cacheable mime types. If both Cacheable Mime Types string list and string group are empty, this defaults to (STAR)/(STAR).",
"items": {
"type": "string"
},
"required": false,
"title": "Mime types list",
"type": "array"
},
"min_object_size": {
"default": 100,
"description": "Minimum size of an object to store in the cache. Default value when not specified in API or module is interpreted by ALB Controller as 100.",
"required": false,
"title": "Min object size",
"type": "integer"
},
"query_cacheable": {
"default": false,
"description": "Allow caching of objects whose URI included a query argument. When disabled, these objects are not cached. When enabled, the request must match the URI query to be considered a hit. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Query cacheable",
"type": "boolean"
},
"uri_non_cacheable": {
"$ref": "ALBPathMatch,
"description": "Non-cacheable URI configuration with match criteria.",
"required": false,
"title": "Uri non cacheable"
},
"xcache_header": {
"default": true,
"description": "Add an X-Cache header to content served from cache, which indicates to the client that the object was served from an intermediate cache. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Xcache header",
"type": "boolean"
}
},
"title": "HttpCacheConfig",
"type": "object"
}
ALBHttpCookiePersistenceKey (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HttpCookiePersistenceKey object",
"id": "ALBHttpCookiePersistenceKey",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"aes_key": {
"description": "aes_key of HttpCookiePersistenceKey.",
"required": false,
"title": "Aes key",
"type": "string"
},
"hmac_key": {
"description": "hmac_key of HttpCookiePersistenceKey.",
"required": false,
"title": "Hmac key",
"type": "string"
},
"name": {
"description": "name to use for cookie encryption.",
"required": false,
"title": "Name",
"type": "string"
}
},
"title": "HttpCookiePersistenceKey",
"type": "object"
}
ALBHttpCookiePersistenceProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer HttpCookiePersistenceProfile object",
"id": "ALBHttpCookiePersistenceProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"always_send_cookie": {
"default": false,
"description": "If no persistence cookie was received from the client, always send it. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Always send cookie",
"type": "boolean"
},
"cookie_name": {
"description": "HTTP cookie name for cookie persistence.",
"required": false,
"title": "Cookie name",
"type": "string"
},
"encryption_key": {
"description": "Key name to use for cookie encryption.",
"required": false,
"title": "Encryption key",
"type": "string"
},
"key": {
"description": "Placeholder for description of property key of obj type HttpCookiePersistenceProfile field type str type array.",
"items": {
"$ref": "ALBHttpCookiePersistenceKey
},
"required": false,
"title": "Key",
"type": "array"
},
"timeout": {
"description": "The maximum lifetime of any session cookie. No value or 'zero' indicates no timeout. Allowed values are 1-14400. Special values are 0- 'No Timeout'. Unit is MIN.",
"maximum": 14400,
"minimum": 0,
"required": false,
"title": "Timeout",
"type": "integer"
}
},
"title": "HttpCookiePersistenceProfile",
"type": "object"
}
ALBHttpReselectRespCodeBlock (type)
{
"description": "Valid ENUM values for ALBHttpReselectRespCodeBlock",
"enum": [
"HTTP_RSP_4XX",
"HTTP_RSP_5XX"
],
"id": "ALBHttpReselectRespCodeBlock",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "HttpReselectRespCodeBlock type",
"type": "string"
}
ALBHttpResponseCode (type)
{
"description": "Valid ENUM values for ALBHttpResponseCode",
"enum": [
"HTTP_ANY",
"HTTP_1XX",
"HTTP_2XX",
"HTTP_3XX",
"HTTP_4XX",
"HTTP_5XX"
],
"id": "ALBHttpResponseCode",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "HttpResponseCode type",
"type": "string"
}
ALBIPNetworkSubnet (type)
{
"additionalProperties": false,
"description": "Advanced load balancer IPNetworkSubnet object",
"id": "ALBIPNetworkSubnet",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"network_name": {
"description": "Network for VirtualService IP allocation with Vantage as the IPAM provider. Network should be created before this is configured. It is a reference to an object of type Network.",
"required": false,
"title": "Network name",
"type": "string"
},
"subnet": {
"$ref": "ALBIpAddrPrefix,
"description": "Subnet for VirtualService IP allocation with Vantage or Infoblox as the IPAM provider. Only one of subnet or subnet_uuid configuration is allowed.",
"required": false,
"title": "Subnet"
},
"subnet6": {
"$ref": "ALBIpAddrPrefix,
"description": "Subnet for VirtualService IPv6 allocation with Vantage or Infoblox as the IPAM provider. Only one of subnet or subnet_uuid configuration is allowed. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Subnet6"
},
"subnet6_uuid": {
"description": "Subnet UUID or Name or Prefix for VirtualService IPv6 allocation with AWS or OpenStack as the IPAM provider. Only one of subnet or subnet_uuid configuration is allowed. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Subnet6 uuid",
"type": "string"
},
"subnet_uuid": {
"description": "Subnet UUID or Name or Prefix for VirtualService IP allocation with AWS or OpenStack as the IPAM provider. Only one of subnet or subnet_uuid configuration is allowed.",
"required": false,
"title": "Subnet uuid",
"type": "string"
}
},
"title": "IPNetworkSubnet",
"type": "object"
}
ALBIPPersistenceProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer IPPersistenceProfile object",
"id": "ALBIPPersistenceProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"ip_mask": {
"description": "Mask to be applied on client IP. This may be used to persist clients from a subnet to the same server. When set to 0, all requests are sent to the same server. Allowed values are 0-128. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"maximum": 128,
"minimum": 0,
"required": false,
"title": "Ip mask",
"type": "integer"
},
"ip_persistent_timeout": {
"default": 5,
"description": "The length of time after a client's connections have closed before expiring the client's persistence to a server. Allowed values are 1-720. Unit is MIN. Default value when not specified in API or module is interpreted by ALB Controller as 5.",
"maximum": 720,
"minimum": 1,
"required": false,
"title": "Ip persistent timeout",
"type": "integer"
}
},
"title": "IPPersistenceProfile",
"type": "object"
}
ALBIdleConnectionType (type)
{
"description": "Valid ENUM values for ALBIdleConnectionType",
"enum": [
"KEEP_ALIVE",
"CLOSE_IDLE"
],
"id": "ALBIdleConnectionType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "IdleConnectionType type",
"type": "string"
}
ALBIpAddr (type)
{
"additionalProperties": false,
"description": "Advanced load balancer IpAddr object",
"id": "ALBIpAddr",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"addr": {
"description": "IP address.",
"required": true,
"title": "Addr",
"type": "string"
},
"type": {
"$ref": "ALBIpAddrType,
"description": "Enum options - V4, DNS, V6.",
"required": true,
"title": "Type"
}
},
"title": "IpAddr",
"type": "object"
}
ALBIpAddrGroup (type)
{
"additionalProperties": false,
"description": "Advanced load balancer IpAddrGroup object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBIpAddrGroup",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"addrs": {
"description": "Configure IP address(es).",
"items": {
"$ref": "ALBIpAddr
},
"required": false,
"title": "Addrs",
"type": "array"
},
"apic_epg_name": {
"description": "Populate IP addresses from members of this Cisco APIC EPG.",
"required": false,
"title": "Apic epg name",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"country_codes": {
"description": "Populate the IP address ranges from the geo database for this country.",
"items": {
"type": "string"
},
"required": false,
"title": "Country codes",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_ports": {
"description": "Configure (IP address, port) tuple(s).",
"items": {
"$ref": "ALBIpAddrPort
},
"required": false,
"title": "Ip ports",
"type": "array"
},
"marathon_app_name": {
"description": "Populate IP addresses from tasks of this Marathon app.",
"required": false,
"title": "Marathon app name",
"type": "string"
},
"marathon_service_port": {
"description": "Task port associated with marathon service port. If Marathon app has multiple service ports, this is required. Else, the first task port is used.",
"required": false,
"title": "Marathon service port",
"type": "integer"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"prefixes": {
"description": "Configure IP address prefix(es).",
"items": {
"$ref": "ALBIpAddrPrefix
},
"required": false,
"title": "Prefixes",
"type": "array"
},
"ranges": {
"description": "Configure IP address range(s).",
"items": {
"$ref": "ALBIpAddrRange
},
"required": false,
"title": "Ranges",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IpAddrGroup",
"type": "object"
}
ALBIpAddrGroupApiResponse (type)
{
"additionalProperties": false,
"description": "IpAddrGroupApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBIpAddrGroupApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of IpAddrGroup",
"items": {
"$ref": "ALBIpAddrGroup
},
"required": false,
"title": "Array of IpAddrGroup",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IpAddrGroupApiResponse",
"type": "object"
}
ALBIpAddrMatch (type)
{
"additionalProperties": false,
"description": "Advanced load balancer IpAddrMatch object",
"id": "ALBIpAddrMatch",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"addrs": {
"description": "IP address(es).",
"items": {
"$ref": "ALBIpAddr
},
"required": false,
"title": "Addrs",
"type": "array"
},
"group_paths": {
"description": "path of IP address group(s). It is a reference to an object of type IpAddrGroup.",
"items": {
"type": "string"
},
"ref": "rel1",
"required": false,
"title": "Group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBDnsPolicy"
],
"relationshipType": "ALB_DNSPOLICY_ALB_IPADDRGROUP_RELATIONSHIP",
"rightType": [
"ALBIpAddrGroup"
]
},
{
"leftType": [
"ALBHTTPPolicySet"
],
"relationshipType": "ALB_HTTPPOLICYSET_ALB_IPADDRGROUP_RELATIONSHIP",
"rightType": [
"ALBIpAddrGroup"
]
},
{
"leftType": [
"ALBL4PolicySet"
],
"relationshipType": "ALB_L4POLICYSET_ALB_IPADDRGROUP_RELATIONSHIP",
"rightType": [
"ALBIpAddrGroup"
]
},
{
"leftType": [
"ALBNetworkSecurityPolicy"
],
"relationshipType": "ALB_NETWORKSECURITYPOLICY_ALB_IPADDRGROUP_RELATIONSHIP",
"rightType": [
"ALBIpAddrGroup"
]
},
{
"leftType": [
"ALBSSOPolicy"
],
"relationshipType": "ALB_SSOPOLICY_ALB_IPADDRGROUP_RELATIONSHIP",
"rightType": [
"ALBIpAddrGroup"
]
},
{
"leftType": [
"ALBVirtualService"
],
"relationshipType": "ALB_VIRTUALSERVICE_ALB_IPADDRGROUP_RELATIONSHIP",
"rightType": [
"ALBIpAddrGroup"
]
},
{
"leftType": [
"ALBWafPolicy"
],
"relationshipType": "ALB_WAFPOLICY_ALB_IPADDRGROUP_RELATIONSHIP",
"rightType": [
"ALBIpAddrGroup"
]
}
]
},
"match_criteria": {
"$ref": "ALBMatchOperation,
"description": "Criterion to use for IP address matching the HTTP request. Enum options - IS_IN, IS_NOT_IN.",
"required": true,
"title": "Match criteria"
},
"prefixes": {
"description": "IP address prefix(es).",
"items": {
"$ref": "ALBIpAddrPrefix
},
"required": false,
"title": "Prefixes",
"type": "array"
},
"ranges": {
"description": "IP address range(s).",
"items": {
"$ref": "ALBIpAddrRange
},
"required": false,
"title": "Ranges",
"type": "array"
}
},
"title": "IpAddrMatch",
"type": "object"
}
ALBIpAddrPort (type)
{
"additionalProperties": false,
"description": "Advanced load balancer IpAddrPort object",
"id": "ALBIpAddrPort",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"hostname": {
"description": "Hostname of server. One of IP address or hostname should be set.",
"required": false,
"title": "Hostname",
"type": "string"
},
"ip": {
"$ref": "ALBIpAddr,
"description": "IP Address of host. One of IP address or hostname should be set.",
"required": false,
"title": "Ip"
},
"name": {
"description": "Name of the object.",
"required": false,
"title": "Name",
"type": "string"
},
"port": {
"description": "Port number of server. Allowed values are 1-65535.",
"maximum": 65535,
"minimum": 1,
"required": true,
"title": "Port",
"type": "integer"
}
},
"title": "IpAddrPort",
"type": "object"
}
ALBIpAddrPrefix (type)
{
"additionalProperties": false,
"description": "Advanced load balancer IpAddrPrefix object",
"id": "ALBIpAddrPrefix",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"ip_addr": {
"$ref": "ALBIpAddr,
"description": "Placeholder for description of property ip_addr of obj type IpAddrPrefix field type str type ref.",
"required": true,
"title": "Ip addr"
},
"mask": {
"description": "Number of mask.",
"required": true,
"title": "Mask",
"type": "integer"
}
},
"title": "IpAddrPrefix",
"type": "object"
}
ALBIpAddrRange (type)
{
"additionalProperties": false,
"description": "Advanced load balancer IpAddrRange object",
"id": "ALBIpAddrRange",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"begin": {
"$ref": "ALBIpAddr,
"description": "Starting IP address of the range.",
"required": true,
"title": "Begin"
},
"end": {
"$ref": "ALBIpAddr,
"description": "Ending IP address of the range.",
"required": true,
"title": "End"
}
},
"title": "IpAddrRange",
"type": "object"
}
ALBIpAddrType (type)
{
"description": "Valid ENUM values for ALBIpAddrType",
"enum": [
"V4",
"DNS",
"V6"
],
"id": "ALBIpAddrType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "IpAddrType type",
"type": "string"
}
ALBIpAddressVersions (type)
{
"description": "Valid ENUM values for ALBIpAddressVersions",
"enum": [
"V4_ONLY",
"V6_ONLY",
"V4_V6"
],
"id": "ALBIpAddressVersions",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "IpAddressVersions type",
"type": "string"
}
ALBKeyValue (type)
{
"additionalProperties": false,
"description": "Advanced load balancer KeyValue object",
"id": "ALBKeyValue",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"key": {
"description": "Key.",
"required": true,
"title": "Key",
"type": "string"
},
"value": {
"description": "Value.",
"required": false,
"title": "Value",
"type": "string"
}
},
"title": "KeyValue",
"type": "object"
}
ALBL4ConnectionPolicy (type)
{
"additionalProperties": false,
"description": "Advanced load balancer L4ConnectionPolicy object",
"id": "ALBL4ConnectionPolicy",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"rules": {
"description": "Rules to apply when a new transport connection is setup.",
"items": {
"$ref": "ALBL4Rule
},
"required": false,
"title": "Rules",
"type": "array"
}
},
"title": "L4ConnectionPolicy",
"type": "object"
}
ALBL4Policies (type)
{
"additionalProperties": false,
"description": "Advanced load balancer L4Policies object",
"id": "ALBL4Policies",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"index": {
"description": "Index of the virtual service L4 policy set.",
"required": true,
"title": "Index",
"type": "integer"
},
"l4_policy_set_path": {
"description": "ID of the virtual service L4 policy set. It is a reference to an object of type L4PolicySet.",
"required": true,
"title": "L4 policy set path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBVirtualService"
],
"relationshipType": "ALB_VIRTUALSERVICE_ALB_L4POLICYSET_RELATIONSHIP",
"rightType": [
"ALBL4PolicySet"
]
}
]
}
},
"title": "L4Policies",
"type": "object"
}
ALBL4PolicySet (type)
{
"additionalProperties": false,
"description": "Advanced load balancer L4PolicySet object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBL4PolicySet",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"created_by": {
"description": "Creator name.",
"required": false,
"title": "Created by",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_internal_policy": {
"default": false,
"description": "Placeholder for description of property is_internal_policy of obj type L4PolicySet field type str type boolean. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Is internal policy",
"type": "boolean"
},
"l4_connection_policy": {
"$ref": "ALBL4ConnectionPolicy,
"description": "Policy to apply when a new transport connection is setup.",
"required": false,
"title": "L4 connection policy"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "L4PolicySet",
"type": "object"
}
ALBL4PolicySetApiResponse (type)
{
"additionalProperties": false,
"description": "L4PolicySetApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBL4PolicySetApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of L4PolicySet",
"items": {
"$ref": "ALBL4PolicySet
},
"required": false,
"title": "Array of L4PolicySet",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "L4PolicySetApiResponse",
"type": "object"
}
ALBL4Rule (type)
{
"additionalProperties": false,
"description": "Advanced load balancer L4Rule object",
"id": "ALBL4Rule",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"action": {
"$ref": "ALBL4RuleAction,
"description": "Action to be performed upon successful rule match.",
"required": false,
"title": "Action"
},
"enable": {
"default": true,
"description": "Enable or disable the rule. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Enable",
"type": "boolean"
},
"index": {
"description": "Index of the rule.",
"required": true,
"title": "Index",
"type": "integer"
},
"match": {
"$ref": "ALBL4RuleMatchTarget,
"description": "Match criteria of the rule.",
"required": false,
"title": "Match"
},
"name": {
"description": "Name of the rule.",
"required": true,
"title": "Name",
"type": "string"
}
},
"title": "L4Rule",
"type": "object"
}
ALBL4RuleAction (type)
{
"additionalProperties": false,
"description": "Advanced load balancer L4RuleAction object",
"id": "ALBL4RuleAction",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"select_pool": {
"$ref": "ALBL4RuleActionSelectPool,
"description": "Indicates pool or pool-group selection on rule match.",
"required": false,
"title": "Select pool"
}
},
"title": "L4RuleAction",
"type": "object"
}
ALBL4RuleActionSelectPool (type)
{
"additionalProperties": false,
"description": "Advanced load balancer L4RuleActionSelectPool object",
"id": "ALBL4RuleActionSelectPool",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"action_type": {
"$ref": "ALBL4RuleActionSelectPoolType,
"description": "Indicates action to take on rule match. Enum options - L4_RULE_ACTION_SELECT_POOL, L4_RULE_ACTION_SELECT_POOLGROUP. Allowed in Basic(Allowed values- L4_RULE_ACTION_SELECT_POOL) edition, Essentials(Allowed values- L4_RULE_ACTION_SELECT_POOL) edition, Enterprise edition.",
"required": true,
"title": "Action type"
},
"pool_group_path": {
"description": "ID of the pool group to serve the request. It is a reference to an object of type PoolGroup. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Pool group path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBL4PolicySet"
],
"relationshipType": "ALB_L4POLICYSET_ALB_POOLGROUP_RELATIONSHIP",
"rightType": [
"ALBPoolGroup"
]
}
]
},
"pool_path": {
"description": "ID of the pool of servers to serve the request. It is a reference to an object of type Pool.",
"required": false,
"title": "Pool path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBL4PolicySet"
],
"relationshipType": "ALB_L4POLICYSET_ALB_POOL_RELATIONSHIP",
"rightType": [
"ALBPool"
]
}
]
}
},
"title": "L4RuleActionSelectPool",
"type": "object"
}
ALBL4RuleActionSelectPoolType (type)
{
"description": "Valid ENUM values for ALBL4RuleActionSelectPoolType",
"enum": [
"L4_RULE_ACTION_SELECT_POOL",
"L4_RULE_ACTION_SELECT_POOLGROUP"
],
"id": "ALBL4RuleActionSelectPoolType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "L4RuleActionSelectPoolType type",
"type": "string"
}
ALBL4RuleMatchTarget (type)
{
"additionalProperties": false,
"description": "Advanced load balancer L4RuleMatchTarget object",
"id": "ALBL4RuleMatchTarget",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"client_ip": {
"$ref": "ALBIpAddrMatch,
"description": "IP addresses to match against client IP. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Client ip"
},
"port": {
"$ref": "ALBL4RulePortMatch,
"description": "Port number to match against Virtual Service listner port.",
"required": false,
"title": "Port"
},
"protocol": {
"$ref": "ALBL4RuleProtocolMatch,
"description": "TCP/UDP/ICMP protocol to match against transport protocol. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Protocol"
}
},
"title": "L4RuleMatchTarget",
"type": "object"
}
ALBL4RulePortMatch (type)
{
"additionalProperties": false,
"description": "Advanced load balancer L4RulePortMatch object",
"id": "ALBL4RulePortMatch",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"match_criteria": {
"$ref": "ALBMatchOperation,
"description": "Criterion to use for Virtual Service port matching. Enum options - IS_IN, IS_NOT_IN.",
"required": true,
"title": "Match criteria"
},
"port_ranges": {
"description": "Range of TCP/UDP port numbers of the Virtual Service.",
"items": {
"$ref": "ALBPortRange
},
"required": false,
"title": "Port ranges",
"type": "array"
},
"ports": {
"description": "Virtual Service's listening port(s). Allowed values are 1-65535.",
"items": {
"type": "integer"
},
"required": false,
"title": "Ports",
"type": "array"
}
},
"title": "L4RulePortMatch",
"type": "object"
}
ALBL4RuleProtocolMatch (type)
{
"additionalProperties": false,
"description": "Advanced load balancer L4RuleProtocolMatch object",
"id": "ALBL4RuleProtocolMatch",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"match_criteria": {
"$ref": "ALBMatchOperation,
"description": "Criterion to use for transport protocol matching. Enum options - IS_IN, IS_NOT_IN.",
"required": true,
"title": "Match criteria"
},
"protocol": {
"$ref": "ALBProtocol,
"description": "Transport protocol to match. Enum options - PROTOCOL_ICMP, PROTOCOL_TCP, PROTOCOL_UDP.",
"required": true,
"title": "Protocol"
}
},
"title": "L4RuleProtocolMatch",
"type": "object"
}
ALBLbAlgorithm (type)
{
"description": "Valid ENUM values for ALBLbAlgorithm",
"enum": [
"LB_ALGORITHM_LEAST_CONNECTIONS",
"LB_ALGORITHM_ROUND_ROBIN",
"LB_ALGORITHM_FASTEST_RESPONSE",
"LB_ALGORITHM_CONSISTENT_HASH",
"LB_ALGORITHM_LEAST_LOAD",
"LB_ALGORITHM_FEWEST_SERVERS",
"LB_ALGORITHM_RANDOM",
"LB_ALGORITHM_FEWEST_TASKS",
"LB_ALGORITHM_NEAREST_SERVER",
"LB_ALGORITHM_CORE_AFFINITY",
"LB_ALGORITHM_TOPOLOGY"
],
"id": "ALBLbAlgorithm",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "LbAlgorithm type",
"type": "string"
}
ALBLbAlgorithmConsistentHash (type)
{
"description": "Valid ENUM values for ALBLbAlgorithmConsistentHash",
"enum": [
"LB_ALGORITHM_CONSISTENT_HASH_SOURCE_IP_ADDRESS",
"LB_ALGORITHM_CONSISTENT_HASH_SOURCE_IP_ADDRESS_AND_PORT",
"LB_ALGORITHM_CONSISTENT_HASH_URI",
"LB_ALGORITHM_CONSISTENT_HASH_CUSTOM_HEADER",
"LB_ALGORITHM_CONSISTENT_HASH_CUSTOM_STRING",
"LB_ALGORITHM_CONSISTENT_HASH_CALLID"
],
"id": "ALBLbAlgorithmConsistentHash",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "LbAlgorithmConsistentHash type",
"type": "string"
}
ALBLdapAuthSettings (type)
{
"additionalProperties": false,
"description": "Advanced load balancer LdapAuthSettings object",
"id": "ALBLdapAuthSettings",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"base_dn": {
"description": "The LDAP base DN. For example, avinetworks.com would be DC=avinetworks,DC=com.",
"required": false,
"title": "Base dn",
"type": "string"
},
"bind_as_administrator": {
"default": true,
"description": "LDAP administrator credentials are used to search for users and group memberships. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Bind as administrator",
"type": "boolean"
},
"email_attribute": {
"default": "email",
"description": "LDAP attribute that refers to user email. Default value when not specified in API or module is interpreted by ALB Controller as email.",
"required": false,
"title": "Email attribute",
"type": "string"
},
"full_name_attribute": {
"default": "name",
"description": "LDAP attribute that refers to user's full name. Default value when not specified in API or module is interpreted by ALB Controller as name.",
"required": false,
"title": "Full name attribute",
"type": "string"
},
"port": {
"default": 389,
"description": "Query the LDAP servers on this port. Default value when not specified in API or module is interpreted by ALB Controller as 389.",
"required": false,
"title": "Port",
"type": "integer"
},
"security_mode": {
"$ref": "ALBAuthLdapSecurityMode,
"description": "LDAP connection security mode. Enum options - AUTH_LDAP_SECURE_NONE, AUTH_LDAP_SECURE_USE_LDAPS.",
"required": false,
"title": "Security mode"
},
"server": {
"description": "LDAP server IP address or Hostname. Use IP address if an auth profile is used to configure Virtual Service. Minimum of 1 items required.",
"items": {
"type": "string"
},
"required": true,
"title": "Server",
"type": "array"
},
"settings": {
"$ref": "ALBLdapDirectorySettings,
"description": "LDAP full directory configuration with administrator credentials.",
"required": false,
"title": "Settings"
},
"user_bind": {
"$ref": "ALBLdapUserBindSettings,
"description": "LDAP anonymous bind configuration.",
"required": false,
"title": "User bind"
}
},
"title": "LdapAuthSettings",
"type": "object"
}
ALBLdapDirectorySettings (type)
{
"additionalProperties": false,
"description": "Advanced load balancer LdapDirectorySettings object",
"id": "ALBLdapDirectorySettings",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"admin_bind_dn": {
"description": "LDAP Admin User DN. Administrator credentials are required to search for users under user search DN or groups under group search DN.",
"required": false,
"title": "Admin bind dn",
"type": "string"
},
"group_filter": {
"default": "(objectClass=*)",
"description": "Group filter is used to identify groups during search. Default value when not specified in API or module is interpreted by ALB Controller as (objectClass=(STAR)).",
"required": false,
"title": "Group filter",
"type": "string"
},
"group_member_attribute": {
"default": "member",
"description": "LDAP group attribute that identifies each of the group members. Default value when not specified in API or module is interpreted by ALB Controller as member.",
"required": false,
"title": "Group member attribute",
"type": "string"
},
"group_member_is_full_dn": {
"default": true,
"description": "Group member entries contain full DNs instead of just user id attribute values. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Group member is full dn",
"type": "boolean"
},
"group_search_dn": {
"description": "LDAP group search DN is the root of search for a given group in the LDAP directory. Only matching groups present in this LDAP directory sub-tree will be checked for user membership.",
"required": false,
"title": "Group search dn",
"type": "string"
},
"group_search_scope": {
"$ref": "ALBAuthLdapSearchScope,
"default": "AUTH_LDAP_SCOPE_SUBTREE",
"description": "LDAP group search scope defines how deep to search for the group starting from the group search DN. Enum options - AUTH_LDAP_SCOPE_BASE, AUTH_LDAP_SCOPE_ONE, AUTH_LDAP_SCOPE_SUBTREE. Default value when not specified in API or module is interpreted by ALB Controller as AUTH_LDAP_SCOPE_SUBTREE.",
"required": false,
"title": "Group search scope"
},
"ignore_referrals": {
"default": false,
"description": "During user or group search, ignore searching referrals. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Ignore referrals",
"type": "boolean"
},
"password": {
"description": "LDAP Admin User Password.",
"required": false,
"sensitive": true,
"title": "Password",
"type": "string"
},
"user_attributes": {
"description": "LDAP user attributes to fetch on a successful user bind.",
"items": {
"type": "string"
},
"required": false,
"title": "User attributes",
"type": "array"
},
"user_id_attribute": {
"description": "LDAP user id attribute is the login attribute that uniquely identifies a single user record.",
"required": false,
"title": "User id attribute",
"type": "string"
},
"user_search_dn": {
"description": "LDAP user search DN is the root of search for a given user in the LDAP directory. Only user records present in this LDAP directory sub-tree will be validated.",
"required": false,
"title": "User search dn",
"type": "string"
},
"user_search_scope": {
"$ref": "ALBAuthLdapSearchScope,
"default": "AUTH_LDAP_SCOPE_ONE",
"description": "LDAP user search scope defines how deep to search for the user starting from user search DN. Enum options - AUTH_LDAP_SCOPE_BASE, AUTH_LDAP_SCOPE_ONE, AUTH_LDAP_SCOPE_SUBTREE. Default value when not specified in API or module is interpreted by ALB Controller as AUTH_LDAP_SCOPE_ONE.",
"required": false,
"title": "User search scope"
}
},
"title": "LdapDirectorySettings",
"type": "object"
}
ALBLdapUserBindSettings (type)
{
"additionalProperties": false,
"description": "Advanced load balancer LdapUserBindSettings object",
"id": "ALBLdapUserBindSettings",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"dn_template": {
"description": "LDAP user DN pattern is used to bind LDAP user after replacing the user token with real username.",
"required": false,
"title": "Dn template",
"type": "string"
},
"token": {
"default": "<user>",
"description": "LDAP token is replaced with real user name in the user DN pattern. Default value when not specified in API or module is interpreted by ALB Controller as <user>.",
"required": false,
"title": "Token",
"type": "string"
},
"user_attributes": {
"description": "LDAP user attributes to fetch on a successful user bind.",
"items": {
"type": "string"
},
"required": false,
"title": "User attributes",
"type": "array"
},
"user_id_attribute": {
"description": "LDAP user id attribute is the login attribute that uniquely identifies a single user record.",
"required": false,
"title": "User id attribute",
"type": "string"
}
},
"title": "LdapUserBindSettings",
"type": "object"
}
ALBLocationHdrMatch (type)
{
"additionalProperties": false,
"description": "Advanced load balancer LocationHdrMatch object",
"id": "ALBLocationHdrMatch",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"match_case": {
"$ref": "ALBMatchCase,
"default": "INSENSITIVE",
"description": "Case sensitivity to use for the match. Enum options - SENSITIVE, INSENSITIVE. Default value when not specified in API or module is interpreted by ALB Controller as INSENSITIVE.",
"required": false,
"title": "Match case"
},
"match_criteria": {
"$ref": "ALBHdrMatchOperation,
"description": "Criterion to use for matching location header value in the HTTP response. Enum options - HDR_EXISTS, HDR_DOES_NOT_EXIST, HDR_BEGINS_WITH, HDR_DOES_NOT_BEGIN_WITH, HDR_CONTAINS, HDR_DOES_NOT_CONTAIN, HDR_ENDS_WITH, HDR_DOES_NOT_END_WITH, HDR_EQUALS, HDR_DOES_NOT_EQUAL.",
"required": true,
"title": "Match criteria"
},
"value": {
"description": "String value(s) in the location header.",
"items": {
"type": "string"
},
"required": false,
"title": "Value",
"type": "array"
}
},
"title": "LocationHdrMatch",
"type": "object"
}
ALBLogAction (type)
{
"description": "Valid ENUM values for ALBLogAction",
"enum": [
"LOG_FIELD_REMOVE",
"LOG_FIELD_MASKOFF"
],
"id": "ALBLogAction",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "LogAction type",
"type": "string"
}
ALBLogStreamingFormatType (type)
{
"description": "Valid ENUM values for ALBLogStreamingFormatType",
"enum": [
"LOG_STREAMING_FORMAT_JSON_FULL",
"LOG_STREAMING_FORMAT_JSON_SELECTED"
],
"id": "ALBLogStreamingFormatType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "LogStreamingFormatType type",
"type": "string"
}
ALBLogsProcessingType (type)
{
"description": "Valid ENUM values for ALBLogsProcessingType",
"enum": [
"LOGS_PROCESSING_NONE",
"LOGS_PROCESSING_SYNC_AND_INDEX_ON_DEMAND",
"LOGS_PROCESSING_AUTO_SYNC_AND_INDEX",
"LOGS_PROCESSING_AUTO_SYNC_BUT_INDEX_ON_DEMAND"
],
"id": "ALBLogsProcessingType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "LogsProcessingType type",
"type": "string"
}
ALBLogsType (type)
{
"description": "Valid ENUM values for ALBLogsType",
"enum": [
"LOGS_SIGNIFICANT_ONLY",
"LOGS_UDF_ONLY",
"LOGS_UDF_SIGNIFICANT",
"LOGS_ALL"
],
"id": "ALBLogsType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "LogsType type",
"type": "string"
}
ALBMatchCase (type)
{
"description": "Valid ENUM values for ALBMatchCase",
"enum": [
"SENSITIVE",
"INSENSITIVE"
],
"id": "ALBMatchCase",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "MatchCase type",
"type": "string"
}
ALBMatchOperation (type)
{
"description": "Valid ENUM values for ALBMatchOperation",
"enum": [
"IS_IN",
"IS_NOT_IN"
],
"id": "ALBMatchOperation",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "MatchOperation type",
"type": "string"
}
ALBMatchReplacePair (type)
{
"additionalProperties": false,
"description": "Advanced load balancer MatchReplacePair object",
"id": "ALBMatchReplacePair",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"match_string": {
"description": "String to be matched.",
"required": true,
"title": "Match string",
"type": "string"
},
"replacement_string": {
"$ref": "ALBReplaceStringVar,
"description": "Replacement string.",
"required": false,
"title": "Replacement string"
}
},
"title": "MatchReplacePair",
"type": "object"
}
ALBMatchTarget (type)
{
"additionalProperties": false,
"description": "Advanced load balancer MatchTarget object",
"id": "ALBMatchTarget",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"client_ip": {
"$ref": "ALBIpAddrMatch,
"description": "Configure client ip addresses.",
"required": false,
"title": "Client ip"
},
"cookie": {
"$ref": "ALBCookieMatch,
"description": "Configure HTTP cookie(s).",
"required": false,
"title": "Cookie"
},
"hdrs": {
"description": "Configure HTTP header(s).",
"items": {
"$ref": "ALBHdrMatch
},
"required": false,
"title": "Hdrs",
"type": "array"
},
"host_hdr": {
"$ref": "ALBHostHdrMatch,
"description": "Configure the host header.",
"required": false,
"title": "Host hdr"
},
"method": {
"$ref": "ALBMethodMatch,
"description": "Configure HTTP methods.",
"required": false,
"title": "Method"
},
"path": {
"$ref": "ALBPathMatch,
"description": "Configure request paths.",
"required": false,
"title": "Path"
},
"protocol": {
"$ref": "ALBProtocolMatch,
"description": "Configure the type of HTTP protocol.",
"required": false,
"title": "Protocol"
},
"query": {
"$ref": "ALBQueryMatch,
"description": "Configure request query.",
"required": false,
"title": "Query"
},
"version": {
"$ref": "ALBHTTPVersionMatch,
"description": "Configure versions of the HTTP protocol.",
"required": false,
"title": "Version"
},
"vs_port": {
"$ref": "ALBPortMatch,
"description": "Configure virtual service ports.",
"required": false,
"title": "Vs port"
}
},
"title": "MatchTarget",
"type": "object"
}
ALBMethodMatch (type)
{
"additionalProperties": false,
"description": "Advanced load balancer MethodMatch object",
"id": "ALBMethodMatch",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"match_criteria": {
"$ref": "ALBMatchOperation,
"description": "Criterion to use for HTTP method matching the method in the HTTP request. Enum options - IS_IN, IS_NOT_IN.",
"required": true,
"title": "Match criteria"
},
"methods": {
"description": "Configure HTTP method(s). Enum options - HTTP_METHOD_GET, HTTP_METHOD_HEAD, HTTP_METHOD_PUT, HTTP_METHOD_DELETE, HTTP_METHOD_POST, HTTP_METHOD_OPTIONS, HTTP_METHOD_TRACE, HTTP_METHOD_CONNECT, HTTP_METHOD_PATCH, HTTP_METHOD_PROPFIND, HTTP_METHOD_PROPPATCH, HTTP_METHOD_MKCOL, HTTP_METHOD_COPY, HTTP_METHOD_MOVE, HTTP_METHOD_LOCK, HTTP_METHOD_UNLOCK. Minimum of 1 items required. Maximum of 16 items allowed. Allowed in Basic(Allowed values- HTTP_METHOD_GET,HTTP_METHOD_PUT,HTTP_METHOD_POST,HTTP_METHOD_HEAD,HTTP_METHOD_OPTIONS) edition, Essentials(Allowed values- HTTP_METHOD_GET,HTTP_METHOD_PUT,HTTP_METHOD_POST,HTTP_METHOD_HEAD,HTTP_METHOD_OPTIONS) edition, Enterprise edition.",
"items": {
"$ref": "ALBHTTPMethod
},
"required": true,
"title": "Methods",
"type": "array"
}
},
"title": "MethodMatch",
"type": "object"
}
ALBMetricsRealTimeUpdate (type)
{
"additionalProperties": false,
"description": "Advanced load balancer MetricsRealTimeUpdate object",
"id": "ALBMetricsRealTimeUpdate",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"duration": {
"default": 30,
"description": "Real time metrics collection duration in minutes. 0 for infinite. Special values are 0 - 'infinite'. Unit is MIN. Default value when not specified in API or module is interpreted by ALB Controller as 30.",
"required": false,
"title": "Duration",
"type": "integer"
},
"enabled": {
"default": false,
"description": "Enables real time metrics collection. When deactivated, 6 hour view is the most granular the system will track. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": true,
"title": "Enabled",
"type": "boolean"
}
},
"title": "MetricsRealTimeUpdate",
"type": "object"
}
ALBMicroServiceMatch (type)
{
"additionalProperties": false,
"description": "Advanced load balancer MicroServiceMatch object",
"id": "ALBMicroServiceMatch",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"match_criteria": {
"$ref": "ALBMatchOperation,
"description": "Criterion to use for Micro Service matching the HTTP request. Enum options - IS_IN, IS_NOT_IN.",
"required": true,
"title": "Match criteria"
}
},
"title": "MicroServiceMatch",
"type": "object"
}
ALBNetworkFilter (type)
{
"additionalProperties": false,
"description": "Advanced load balancer NetworkFilter object",
"id": "ALBNetworkFilter",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"server_filter": {
"description": "server_filter of NetworkFilter.",
"required": false,
"title": "Server filter",
"type": "string"
}
},
"title": "NetworkFilter",
"type": "object"
}
ALBNetworkProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer NetworkProfile object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBNetworkProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"connection_mirror": {
"default": false,
"description": "When enabled, Avi mirrors all TCP fastpath connections to standby. Applicable only in Legacy HA Mode. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Connection mirror",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profile": {
"$ref": "ALBNetworkProfileUnion,
"description": "Placeholder for description of property profile of obj type NetworkProfile field type str type ref.",
"required": true,
"title": "Profile"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "NetworkProfile",
"type": "object"
}
ALBNetworkProfileApiResponse (type)
{
"additionalProperties": false,
"description": "NetworkProfileApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBNetworkProfileApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of NetworkProfile",
"items": {
"$ref": "ALBNetworkProfile
},
"required": false,
"title": "Array of NetworkProfile",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "NetworkProfileApiResponse",
"type": "object"
}
ALBNetworkProfileUnion (type)
{
"additionalProperties": false,
"description": "Advanced load balancer NetworkProfileUnion object",
"id": "ALBNetworkProfileUnion",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"tcp_fast_path_profile": {
"$ref": "ALBTCPFastPathProfile,
"description": "Placeholder for description of property tcp_fast_path_profile of obj type NetworkProfileUnion field type str type ref.",
"required": false,
"title": "Tcp fast path profile"
},
"tcp_proxy_profile": {
"$ref": "ALBTCPProxyProfile,
"description": "Placeholder for description of property tcp_proxy_profile of obj type NetworkProfileUnion field type str type ref.",
"required": false,
"title": "Tcp proxy profile"
},
"type": {
"$ref": "ALBProtocolType,
"default": "PROTOCOL_TYPE_TCP_PROXY",
"description": "Configure one of either proxy or fast path profiles. Enum options - PROTOCOL_TYPE_TCP_PROXY, PROTOCOL_TYPE_TCP_FAST_PATH, PROTOCOL_TYPE_UDP_FAST_PATH, PROTOCOL_TYPE_UDP_PROXY. Allowed in Basic(Allowed values- PROTOCOL_TYPE_TCP_PROXY,PROTOCOL_TYPE_TCP_FAST_PATH,PROTOCOL_TYPE_UDP_FAST_PATH) edition, Essentials(Allowed values- PROTOCOL_TYPE_TCP_FAST_PATH,PROTOCOL_TYPE_UDP_FAST_PATH) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as PROTOCOL_TYPE_TCP_PROXY.",
"required": true,
"title": "Type"
},
"udp_fast_path_profile": {
"$ref": "ALBUDPFastPathProfile,
"description": "Placeholder for description of property udp_fast_path_profile of obj type NetworkProfileUnion field type str type ref.",
"required": false,
"title": "Udp fast path profile"
},
"udp_proxy_profile": {
"$ref": "ALBUDPProxyProfile,
"description": "Configure UDP Proxy network profile. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Udp proxy profile"
}
},
"title": "NetworkProfileUnion",
"type": "object"
}
ALBNetworkSecurityMatchTarget (type)
{
"additionalProperties": false,
"description": "Advanced load balancer NetworkSecurityMatchTarget object",
"id": "ALBNetworkSecurityMatchTarget",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"client_ip": {
"$ref": "ALBIpAddrMatch,
"description": "Placeholder for description of property client_ip of obj type NetworkSecurityMatchTarget field type str type ref.",
"required": false,
"title": "Client ip"
},
"microservice": {
"$ref": "ALBMicroServiceMatch,
"description": "Placeholder for description of property microservice of obj type NetworkSecurityMatchTarget field type str type ref.",
"required": false,
"title": "Microservice"
},
"vs_port": {
"$ref": "ALBPortMatch,
"description": "Placeholder for description of property vs_port of obj type NetworkSecurityMatchTarget field type str type ref.",
"required": false,
"title": "Vs port"
}
},
"title": "NetworkSecurityMatchTarget",
"type": "object"
}
ALBNetworkSecurityPolicy (type)
{
"additionalProperties": false,
"description": "Advanced load balancer NetworkSecurityPolicy object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBNetworkSecurityPolicy",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"cloud_config_cksum": {
"description": "Checksum of cloud configuration for Network Sec Policy. Internally set by cloud connector.",
"required": false,
"title": "Cloud config cksum",
"type": "string"
},
"created_by": {
"description": "Creator name.",
"required": false,
"title": "Created by",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rules": {
"description": "Placeholder for description of property rules of obj type NetworkSecurityPolicy field type str type array.",
"items": {
"$ref": "ALBNetworkSecurityRule
},
"required": false,
"title": "Rules",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "NetworkSecurityPolicy",
"type": "object"
}
ALBNetworkSecurityPolicyActionRLParam (type)
{
"additionalProperties": false,
"description": "Advanced load balancer NetworkSecurityPolicyActionRLParam object",
"id": "ALBNetworkSecurityPolicyActionRLParam",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"burst_size": {
"default": 0,
"description": "Maximum number of connections or requests or packets to be rate limited instantaneously. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"required": true,
"title": "Burst size",
"type": "integer"
},
"max_rate": {
"description": "Maximum number of connections or requests or packets per second. Allowed values are 1-4294967295.",
"maximum": 4294967295,
"minimum": 1,
"required": true,
"title": "Max rate",
"type": "integer"
}
},
"title": "NetworkSecurityPolicyActionRLParam",
"type": "object"
}
ALBNetworkSecurityPolicyActionType (type)
{
"description": "Valid ENUM values for ALBNetworkSecurityPolicyActionType",
"enum": [
"NETWORK_SECURITY_POLICY_ACTION_TYPE_ALLOW",
"NETWORK_SECURITY_POLICY_ACTION_TYPE_DENY",
"NETWORK_SECURITY_POLICY_ACTION_TYPE_RATE_LIMIT"
],
"id": "ALBNetworkSecurityPolicyActionType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "NetworkSecurityPolicyActionType type",
"type": "string"
}
ALBNetworkSecurityPolicyApiResponse (type)
{
"additionalProperties": false,
"description": "NetworkSecurityPolicyApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBNetworkSecurityPolicyApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of NetworkSecurityPolicy",
"items": {
"$ref": "ALBNetworkSecurityPolicy
},
"required": false,
"title": "Array of NetworkSecurityPolicy",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "NetworkSecurityPolicyApiResponse",
"type": "object"
}
ALBNetworkSecurityRule (type)
{
"additionalProperties": false,
"description": "Advanced load balancer NetworkSecurityRule object",
"id": "ALBNetworkSecurityRule",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"action": {
"$ref": "ALBNetworkSecurityPolicyActionType,
"description": "Enum options - NETWORK_SECURITY_POLICY_ACTION_TYPE_ALLOW, NETWORK_SECURITY_POLICY_ACTION_TYPE_DENY, NETWORK_SECURITY_POLICY_ACTION_TYPE_RATE_LIMIT. Allowed in Basic(Allowed values- NETWORK_SECURITY_POLICY_ACTION_TYPE_DENY) edition, Essentials(Allowed values- NETWORK_SECURITY_POLICY_ACTION_TYPE_DENY) edition, Enterprise edition.",
"required": true,
"title": "Action"
},
"age": {
"default": 0,
"description": "Time in minutes after which rule will be deleted. Allowed values are 1-4294967295. Special values are 0- 'blocked for ever'. Unit is MIN. Allowed in Basic(Allowed values- 0) edition, Essentials(Allowed values- 0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"maximum": 4294967295,
"minimum": 0,
"required": false,
"title": "Age",
"type": "integer"
},
"created_by": {
"description": "Creator name.",
"required": false,
"title": "Created by",
"type": "string"
},
"enable": {
"description": "Placeholder for description of property enable of obj type NetworkSecurityRule field type str type boolean.",
"required": true,
"title": "Enable",
"type": "boolean"
},
"index": {
"description": "Number of index.",
"required": true,
"title": "Index",
"type": "integer"
},
"log": {
"default": false,
"description": "Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Log",
"type": "boolean"
},
"match": {
"$ref": "ALBNetworkSecurityMatchTarget,
"description": "Placeholder for description of property match of obj type NetworkSecurityRule field type str type ref.",
"required": true,
"title": "Match"
},
"name": {
"description": "Name of the object.",
"required": true,
"title": "Name",
"type": "string"
},
"rl_param": {
"$ref": "ALBNetworkSecurityPolicyActionRLParam,
"description": "Placeholder for description of property rl_param of obj type NetworkSecurityRule field type str type ref.",
"required": false,
"title": "Rl param"
}
},
"title": "NetworkSecurityRule",
"type": "object"
}
ALBOCSPConfig (type)
{
"additionalProperties": false,
"description": "Advanced load balancer OCSPConfig object",
"id": "ALBOCSPConfig",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"failed_ocsp_jobs_retry_interval": {
"default": 3600,
"description": "Describes the Time Interval after which the next OCSP job needs to be scheduled in case of the OCSP job failures. Allowed values are 60-86400. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 3600.",
"maximum": 86400,
"minimum": 60,
"required": false,
"title": "Failed ocsp jobs retry interval",
"type": "integer"
},
"max_tries": {
"default": 10,
"description": "Maximum number of times the failed OCSP jobs can be scheduled. Default value when not specified in API or module is interpreted by ALB Controller as 10.",
"required": false,
"title": "Max tries",
"type": "integer"
},
"ocsp_req_interval": {
"default": 86400,
"description": "Interval between the OCSP queries. Allowed values are 60-31536000. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 86400.",
"maximum": 31536000,
"minimum": 60,
"required": false,
"title": "Ocsp req interval",
"type": "integer"
},
"ocsp_resp_timeout": {
"description": "Time in seconds that the system waits for a reply from the OCSP responder before dropping the connection. Unit is SEC.",
"required": false,
"title": "Ocsp resp timeout",
"type": "integer"
},
"responder_url_lists": {
"description": "List of Responder URLs configured by user to do failover/override the AIA extension contained in the OCSP responder's SSL/TLS certificate.",
"items": {
"type": "string"
},
"required": false,
"title": "Responder url lists",
"type": "array"
},
"url_action": {
"$ref": "ALBOCSPResponderUrlAction,
"default": "OCSP_RESPONDER_URL_FAILOVER",
"description": "Describes the type of action to take with the Responder URLs. Enum options - OCSP_RESPONDER_URL_FAILOVER, OCSP_RESPONDER_URL_OVERRIDE. Default value when not specified in API or module is interpreted by ALB Controller as OCSP_RESPONDER_URL_FAILOVER.",
"required": false,
"title": "Url action"
}
},
"title": "OCSPConfig",
"type": "object"
}
ALBOCSPResponderUrlAction (type)
{
"description": "Valid ENUM values for ALBOCSPResponderUrlAction",
"enum": [
"OCSP_RESPONDER_URL_FAILOVER",
"OCSP_RESPONDER_URL_OVERRIDE"
],
"id": "ALBOCSPResponderUrlAction",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "OCSPResponderUrlAction type",
"type": "string"
}
ALBOperationMode (type)
{
"description": "Valid ENUM values for ALBOperationMode",
"enum": [
"DETECTION",
"MITIGATION"
],
"id": "ALBOperationMode",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "OperationMode type",
"type": "string"
}
ALBPGDeploymentRule (type)
{
"additionalProperties": false,
"description": "Advanced load balancer PGDeploymentRule object",
"id": "ALBPGDeploymentRule",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"metric_id": {
"default": "health.health_score_value",
"description": "metric_id of PGDeploymentRule. Default value when not specified in API or module is interpreted by ALB Controller as health.health_score_value.",
"required": false,
"title": "Metric id",
"type": "string"
},
"operator": {
"$ref": "ALBComparisonOperator,
"default": "CO_GE",
"description": "Enum options - CO_EQ, CO_GT, CO_GE, CO_LT, CO_LE, CO_NE. Default value when not specified in API or module is interpreted by ALB Controller as CO_GE.",
"required": false,
"title": "Operator"
},
"threshold": {
"description": "metric threshold that is used as the pass fail. If it is not provided then it will simply compare it with current pool vs new pool.",
"required": false,
"title": "Threshold",
"type": "number"
}
},
"title": "PGDeploymentRule",
"type": "object"
}
ALBPKIProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer PKIProfile object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBPKIProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"ca_certs": {
"description": "List of Certificate Authorities (Root and Intermediate) trusted that is used for certificate validation.",
"items": {
"$ref": "ALBSSLCertificate
},
"required": false,
"title": "Ca certs",
"type": "array"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"created_by": {
"description": "Creator name.",
"required": false,
"title": "Created by",
"type": "string"
},
"crl_check": {
"default": true,
"description": "When enabled, Avi will verify via CRL checks that certificates in the trust chain have not been revoked. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Crl check",
"type": "boolean"
},
"crls": {
"description": "Certificate Revocation Lists.",
"items": {
"$ref": "ALBCRL
},
"required": false,
"title": "Crls",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ignore_peer_chain": {
"default": true,
"description": "When enabled, Avi will not trust Intermediate and Root certs presented by a client. Instead, only the chain certs configured in the Certificate Authority section will be used to verify trust of the client's cert. Allowed in Basic(Allowed values- true) edition, Essentials(Allowed values- true) edition, Enterprise edition. Special default for Basic edition is true, Essentials edition is true, Enterprise is False. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Ignore peer chain",
"type": "boolean"
},
"is_federated": {
"default": false,
"description": "This field describes the object's replication scope. If the field is set to false, then the object is visible within the controller-cluster and its associated service-engines. If the field is set to true, then the object is replicated across the federation. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Is federated",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"validate_only_leaf_crl": {
"default": true,
"description": "When enabled, Avi will only validate the revocation status of the leaf certificate using CRL. To enable validation for the entire chain, disable this option and provide all the relevant CRLs. Allowed in Basic(Allowed values- true) edition, Essentials(Allowed values- true) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Validate only leaf crl",
"type": "boolean"
}
},
"title": "PKIProfile",
"type": "object"
}
ALBPKIProfileApiResponse (type)
{
"additionalProperties": false,
"description": "PKIProfileApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBPKIProfileApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of PKIProfile",
"items": {
"$ref": "ALBPKIProfile
},
"required": false,
"title": "Array of PKIProfile",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "PKIProfileApiResponse",
"type": "object"
}
ALBPathMatch (type)
{
"additionalProperties": false,
"description": "Advanced load balancer PathMatch object",
"id": "ALBPathMatch",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"match_case": {
"$ref": "ALBMatchCase,
"default": "INSENSITIVE",
"description": "Case sensitivity to use for the matching. Enum options - SENSITIVE, INSENSITIVE. Default value when not specified in API or module is interpreted by ALB Controller as INSENSITIVE.",
"required": false,
"title": "Match case"
},
"match_criteria": {
"$ref": "ALBStringOperation,
"default": "CONTAINS",
"description": "Criterion to use for matching the path in the HTTP request URI. Enum options - BEGINS_WITH, DOES_NOT_BEGIN_WITH, CONTAINS, DOES_NOT_CONTAIN, ENDS_WITH, DOES_NOT_END_WITH, EQUALS, DOES_NOT_EQUAL, REGEX_MATCH, REGEX_DOES_NOT_MATCH. Allowed in Basic(Allowed values- BEGINS_WITH,DOES_NOT_BEGIN_WITH,CONTAINS,DOES_NOT_CONTAIN,ENDS_WITH,DOES_NOT_END_WITH,EQUALS,DOES_NOT_EQUAL) edition, Essentials(Allowed values- BEGINS_WITH,DOES_NOT_BEGIN_WITH,CONTAINS,DOES_NOT_CONTAIN,ENDS_WITH,DOES_NOT_END_WITH,EQUALS,DOES_NOT_EQUAL) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as CONTAINS.",
"required": true,
"title": "Match criteria"
},
"match_str": {
"description": "String values.",
"items": {
"type": "string"
},
"required": false,
"title": "Match str",
"type": "array"
},
"string_group_paths": {
"description": "path of the string group(s). It is a reference to an object of type StringGroup.",
"items": {
"type": "string"
},
"required": false,
"title": "String group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBApplicationProfile"
],
"relationshipType": "ALB_APPLICATIONPROFILE_ALB_STRINGGROUP_RELATIONSHIP",
"rightType": [
"ALBStringGroup"
]
},
{
"leftType": [
"ALBHTTPPolicySet"
],
"relationshipType": "ALB_HTTPPOLICYSET_ALB_STRINGGROUP_RELATIONSHIP",
"rightType": [
"ALBStringGroup"
]
},
{
"leftType": [
"ALBSSOPolicy"
],
"relationshipType": "ALB_SSOPOLICY_ALB_STRINGGROUP_RELATIONSHIP",
"rightType": [
"ALBStringGroup"
]
},
{
"leftType": [
"ALBVirtualService"
],
"relationshipType": "ALB_VIRTUALSERVICE_ALB_STRINGGROUP_RELATIONSHIP",
"rightType": [
"ALBStringGroup"
]
},
{
"leftType": [
"ALBWafPolicy"
],
"relationshipType": "ALB_WAFPOLICY_ALB_STRINGGROUP_RELATIONSHIP",
"rightType": [
"ALBStringGroup"
]
},
{
"leftType": [
"ALBWafPolicyPSMGroup"
],
"relationshipType": "ALB_WAFPOLICYPSMGROUP_ALB_STRINGGROUP_RELATIONSHIP",
"rightType": [
"ALBStringGroup"
]
}
]
}
},
"title": "PathMatch",
"type": "object"
}
ALBPerformanceLimits (type)
{
"additionalProperties": false,
"description": "Advanced load balancer PerformanceLimits object",
"id": "ALBPerformanceLimits",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"max_concurrent_connections": {
"description": "The maximum number of concurrent client conections allowed to the Virtual Service.",
"required": false,
"title": "Max concurrent connections",
"type": "integer"
},
"max_throughput": {
"description": "The maximum throughput per second for all clients allowed through the client side of the Virtual Service.",
"required": false,
"title": "Max throughput",
"type": "integer"
}
},
"title": "PerformanceLimits",
"type": "object"
}
ALBPersistenceProfileType (type)
{
"description": "Valid ENUM values for ALBPersistenceProfileType",
"enum": [
"PERSISTENCE_TYPE_CLIENT_IP_ADDRESS",
"PERSISTENCE_TYPE_HTTP_COOKIE",
"PERSISTENCE_TYPE_TLS",
"PERSISTENCE_TYPE_CLIENT_IPV6_ADDRESS",
"PERSISTENCE_TYPE_CUSTOM_HTTP_HEADER",
"PERSISTENCE_TYPE_APP_COOKIE",
"PERSISTENCE_TYPE_GSLB_SITE"
],
"id": "ALBPersistenceProfileType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "PersistenceProfileType type",
"type": "string"
}
ALBPersistentServerHMDownRecovery (type)
{
"description": "Valid ENUM values for ALBPersistentServerHMDownRecovery",
"enum": [
"HM_DOWN_PICK_NEW_SERVER",
"HM_DOWN_ABORT_CONNECTION",
"HM_DOWN_CONTINUE_PERSISTENT_SERVER"
],
"id": "ALBPersistentServerHMDownRecovery",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "PersistentServerHMDownRecovery type",
"type": "string"
}
ALBPlacementNetwork (type)
{
"additionalProperties": false,
"description": "Advanced load balancer PlacementNetwork object",
"id": "ALBPlacementNetwork",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"network_name": {
"description": "It is a reference to an object of type Network.",
"required": true,
"title": "Network name",
"type": "string"
},
"subnet": {
"$ref": "ALBIpAddrPrefix,
"description": "Placeholder for description of property subnet of obj type PlacementNetwork field type str type ref.",
"required": true,
"title": "Subnet"
}
},
"title": "PlacementNetwork",
"type": "object"
}
ALBPool (type)
{
"additionalProperties": false,
"description": "Advanced load balancer Pool object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBPool",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"analytics_policy": {
"$ref": "ALBPoolAnalyticsPolicy,
"description": "Determines analytics settings for the pool.",
"required": false,
"title": "Analytics policy"
},
"analytics_profile_path": {
"description": "Specifies settings related to analytics. It is a reference to an object of type AnalyticsProfile.",
"required": false,
"title": "Analytics profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBPool"
],
"relationshipType": "ALB_POOL_ALB_ANALYTICSPROFILE_RELATIONSHIP",
"rightType": [
"ALBAnalyticsProfile"
]
}
]
},
"apic_epg_name": {
"description": "Synchronize Cisco APIC EPG members with pool servers.",
"required": false,
"title": "Apic epg name",
"type": "string"
},
"application_persistence_profile_path": {
"description": "Persistence will ensure the same user sticks to the same server for a desired duration of time. It is a reference to an object of type ApplicationPersistenceProfile.",
"required": false,
"title": "Application persistence profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBPool"
],
"relationshipType": "ALB_POOL_ALB_APPLICATIONPERSISTENCEPROFILE_RELATIONSHIP",
"rightType": [
"ALBApplicationPersistenceProfile"
]
}
]
},
"autoscale_launch_config_path": {
"description": "If configured then Avi will trigger orchestration of pool server creation and deletion. It is a reference to an object of type AutoScaleLaunchConfig.",
"required": false,
"title": "Autoscale launch config path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBPool"
],
"relationshipType": "ALB_POOL_ALB_AUTOSCALELAUNCHCONFIG_RELATIONSHIP",
"rightType": [
"ALBAutoScaleLaunchConfig"
]
}
]
},
"autoscale_networks": {
"description": "Network Ids for the launch configuration.",
"items": {
"type": "string"
},
"required": false,
"title": "Autoscale networks",
"type": "array"
},
"autoscale_policy_path": {
"description": "Reference to Server Autoscale Policy. It is a reference to an object of type ServerAutoScalePolicy.",
"required": false,
"title": "Autoscale policy path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBPool"
],
"relationshipType": "ALB_POOL_ALB_SERVERAUTOSCALEPOLICY_RELATIONSHIP",
"rightType": [
"ALBServerAutoScalePolicy"
]
}
]
},
"capacity_estimation": {
"default": false,
"description": "Inline estimation of capacity of servers. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Capacity estimation",
"type": "boolean"
},
"capacity_estimation_ttfb_thresh": {
"default": 0,
"description": "The maximum time-to-first-byte of a server. Allowed values are 1-5000. Special values are 0 - 'Automatic'. Unit is MILLISECONDS. Allowed in Basic(Allowed values- 0) edition, Essentials(Allowed values- 0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"maximum": 5000,
"minimum": 0,
"required": false,
"title": "Capacity estimation ttfb thresh",
"type": "integer"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"cloud_config_cksum": {
"description": "Checksum of cloud configuration for Pool. Internally set by cloud connector.",
"required": false,
"title": "Cloud config cksum",
"type": "string"
},
"cloud_name": {
"description": "It is a reference to an object of type Cloud.",
"required": false,
"title": "Cloud name",
"type": "string"
},
"conn_pool_properties": {
"$ref": "ALBConnPoolProperties,
"description": "Connnection pool properties.",
"required": false,
"title": "Conn pool properties"
},
"connection_ramp_duration": {
"default": 0,
"description": "Duration for which new connections will be gradually ramped up to a server recently brought online. Useful for LB algorithms that are least connection based. Allowed values are 1-300. Special values are 0 - 'Immediate'. Unit is MIN. Allowed in Basic(Allowed values- 0) edition, Essentials(Allowed values- 0) edition, Enterprise edition. Special default for Basic edition is 0, Essentials edition is 0, Enterprise is 10. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"maximum": 300,
"minimum": 0,
"required": false,
"title": "Connection ramp duration",
"type": "integer"
},
"created_by": {
"description": "Creator name.",
"required": false,
"title": "Created by",
"type": "string"
},
"default_server_port": {
"default": 80,
"description": "Traffic sent to servers will use this destination server port unless overridden by the server's specific port attribute. The SSL checkbox enables Avi to server encryption. Allowed values are 1-65535. Default value when not specified in API or module is interpreted by ALB Controller as 80.",
"maximum": 65535,
"minimum": 1,
"required": false,
"title": "Default server port",
"type": "integer"
},
"delete_server_on_dns_refresh": {
"default": true,
"description": "Indicates whether existing IPs are disabled(false) or deleted(true) on dns hostname refreshDetail -- On a dns refresh, some IPs set on pool may no longer be returned by the resolver. These IPs are deleted from the pool when this knob is set to true. They are disabled, if the knob is set to false. Allowed in Basic(Allowed values- true) edition, Essentials(Allowed values- true) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Delete server on dns refresh",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"domain_name": {
"description": "Comma separated list of domain names which will be used to verify the common names or subject alternative names presented by server certificates. It is performed only when common name check host_check_enabled is enabled.",
"items": {
"type": "string"
},
"required": false,
"title": "Domain name",
"type": "array"
},
"east_west": {
"description": "Inherited config from VirtualService.",
"required": false,
"title": "East west",
"type": "boolean"
},
"enable_http2": {
"default": false,
"description": "Enable HTTP/2 for traffic from VirtualService to all backend servers in this pool. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Enable http2",
"type": "boolean"
},
"enabled": {
"default": true,
"description": "Enable or disable the pool. Disabling will terminate all open connections and pause health monitors. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Enabled",
"type": "boolean"
},
"external_autoscale_groups": {
"description": "Names of external auto-scale groups for pool servers. Currently available only for AWS and Azure.",
"items": {
"type": "string"
},
"required": false,
"title": "External autoscale groups",
"type": "array"
},
"fail_action": {
"$ref": "ALBFailAction,
"description": "Enable an action - Close Connection, HTTP Redirect or Local HTTP Response - when a pool failure happens. By default, a connection will be closed, in case the pool experiences a failure.",
"required": false,
"title": "Fail action"
},
"fewest_tasks_feedback_delay": {
"default": 10,
"description": "Periodicity of feedback for fewest tasks server selection algorithm. Allowed values are 1-300. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 10.",
"maximum": 300,
"minimum": 1,
"required": false,
"title": "Fewest tasks feedback delay",
"type": "integer"
},
"graceful_disable_timeout": {
"default": 1,
"description": "Used to gracefully disable a server. Virtual service waits for the specified time before terminating the existing connections to the servers that are disabled. Allowed values are 1-7200. Special values are 0 - 'Immediate', -1 - 'Infinite'. Unit is MIN. Default value when not specified in API or module is interpreted by ALB Controller as 1.",
"maximum": 7200,
"minimum": -1,
"required": false,
"title": "Graceful disable timeout",
"type": "integer"
},
"group_paths": {
"description": "A list of NSX Groups where the Servers for the Pool are created .",
"items": {
"type": "string"
},
"required": false,
"title": "Group paths",
"type": "array"
},
"gslb_sp_enabled": {
"description": "Indicates if the pool is a site-persistence pool. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Gslb sp enabled",
"type": "boolean"
},
"health_monitor_paths": {
"description": "Verify server health by applying one or more health monitors. Active monitors generate synthetic traffic from each Service Engine and mark a server up or down based on the response. The Passive monitor listens only to client to server communication. It raises or lowers the ratio of traffic destined to a server based on successful responses. It is a reference to an object of type HealthMonitor. Maximum of 50 items allowed.",
"items": {
"type": "string"
},
"required": false,
"title": "Health monitor paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBPool"
],
"relationshipType": "ALB_POOL_ALB_HEALTHMONITOR_RELATIONSHIP",
"rightType": [
"ALBHealthMonitor"
]
}
]
},
"host_check_enabled": {
"default": false,
"description": "Enable common name check for server certificate. If enabled and no explicit domain name is specified, Avi will use the incoming host header to do the match. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Host check enabled",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ignore_server_port": {
"default": false,
"description": "Ignore the server port in building the load balancing state.Applicable only for consistent hash load balancing algorithm or Disable Port translation (use_service_port) use cases. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Ignore server port",
"type": "boolean"
},
"inline_health_monitor": {
"default": true,
"description": "The Passive monitor will monitor client to server connections and requests and adjust traffic load to servers based on successful responses. This may alter the expected behavior of the LB method, such as Round Robin. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Inline health monitor",
"type": "boolean"
},
"ipaddrgroup_path": {
"description": "Use list of servers from Ip Address Group. It is a reference to an object of type IpAddrGroup.",
"required": false,
"title": "Ipaddrgroup path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBPool"
],
"relationshipType": "ALB_POOL_ALB_IPADDRGROUP_RELATIONSHIP",
"rightType": [
"ALBIpAddrGroup"
]
}
]
},
"lb_algorithm": {
"$ref": "ALBLbAlgorithm,
"default": "LB_ALGORITHM_LEAST_CONNECTIONS",
"description": "The load balancing algorithm will pick a server within the pool's list of available servers. Values LB_ALGORITHM_NEAREST_SERVER and LB_ALGORITHM_TOPOLOGY are only allowed for GSLB pool. Enum options - LB_ALGORITHM_LEAST_CONNECTIONS, LB_ALGORITHM_ROUND_ROBIN, LB_ALGORITHM_FASTEST_RESPONSE, LB_ALGORITHM_CONSISTENT_HASH, LB_ALGORITHM_LEAST_LOAD, LB_ALGORITHM_FEWEST_SERVERS, LB_ALGORITHM_RANDOM, LB_ALGORITHM_FEWEST_TASKS, LB_ALGORITHM_NEAREST_SERVER, LB_ALGORITHM_CORE_AFFINITY, LB_ALGORITHM_TOPOLOGY. Allowed in Basic(Allowed values- LB_ALGORITHM_LEAST_CONNECTIONS,LB_ALGORITHM_ROUND_ROBIN,LB_ALGORITHM_CONSISTENT_HASH) edition, Essentials(Allowed values- LB_ALGORITHM_LEAST_CONNECTIONS,LB_ALGORITHM_ROUND_ROBIN,LB_ALGORITHM_CONSISTENT_HASH) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as LB_ALGORITHM_LEAST_CONNECTIONS.",
"required": false,
"title": "Lb algorithm"
},
"lb_algorithm_consistent_hash_hdr": {
"description": "HTTP header name to be used for the hash key.",
"required": false,
"title": "Lb algorithm consistent hash hdr",
"type": "string"
},
"lb_algorithm_core_nonaffinity": {
"default": 2,
"description": "Degree of non-affinity for core affinity based server selection. Allowed values are 1-65535. Allowed in Basic(Allowed values- 2) edition, Essentials(Allowed values- 2) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 2.",
"maximum": 65535,
"minimum": 1,
"required": false,
"title": "Lb algorithm core nonaffinity",
"type": "integer"
},
"lb_algorithm_hash": {
"$ref": "ALBLbAlgorithmConsistentHash,
"default": "LB_ALGORITHM_CONSISTENT_HASH_SOURCE_IP_ADDRESS",
"description": "Criteria used as a key for determining the hash between the client and server. Enum options - LB_ALGORITHM_CONSISTENT_HASH_SOURCE_IP_ADDRESS, LB_ALGORITHM_CONSISTENT_HASH_SOURCE_IP_ADDRESS_AND_PORT, LB_ALGORITHM_CONSISTENT_HASH_URI, LB_ALGORITHM_CONSISTENT_HASH_CUSTOM_HEADER, LB_ALGORITHM_CONSISTENT_HASH_CUSTOM_STRING, LB_ALGORITHM_CONSISTENT_HASH_CALLID. Allowed in Basic(Allowed values- LB_ALGORITHM_CONSISTENT_HASH_SOURCE_IP_ADDRESS) edition, Essentials(Allowed values- LB_ALGORITHM_CONSISTENT_HASH_SOURCE_IP_ADDRESS) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as LB_ALGORITHM_CONSISTENT_HASH_SOURCE_IP_ADDRESS.",
"required": false,
"title": "Lb algorithm hash"
},
"lookup_server_by_name": {
"default": false,
"description": "Allow server lookup by name. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Lookup server by name",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"max_concurrent_connections_per_server": {
"default": 0,
"description": "The maximum number of concurrent connections allowed to each server within the pool. NOTE applied value will be no less than the number of service engines that the pool is placed on. If set to 0, no limit is applied. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"required": false,
"title": "Max concurrent connections per server",
"type": "integer"
},
"max_conn_rate_per_server": {
"$ref": "ALBRateProfile,
"description": "Rate Limit connections to each server.",
"required": false,
"title": "Max conn rate per server"
},
"min_health_monitors_up": {
"description": "Minimum number of health monitors in UP state to mark server UP. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Min health monitors up",
"type": "integer"
},
"min_servers_up": {
"description": "Minimum number of servers in UP state for marking the pool UP.",
"required": false,
"title": "Min servers up",
"type": "integer"
},
"networks": {
"description": "(internal-use) Networks designated as containing servers for this pool. The servers may be further narrowed down by a filter. This field is used internally by Avi, not editable by the user.",
"items": {
"$ref": "ALBNetworkFilter
},
"required": false,
"title": "Networks",
"type": "array"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pki_profile_path": {
"description": "Avi will validate the SSL certificate present by a server against the selected PKI Profile. It is a reference to an object of type PKIProfile.",
"required": false,
"title": "Pki profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBPool"
],
"relationshipType": "ALB_POOL_ALB_PKIPROFILE_RELATIONSHIP",
"rightType": [
"ALBPKIProfile"
]
}
]
},
"placement_networks": {
"description": "Manually select the networks and subnets used to provide reachability to the pool's servers. Specify the Subnet using the following syntax 10-1-1-0/24. Use static routes in VRF configuration when pool servers are not directly connected but routable from the service engine.",
"items": {
"$ref": "ALBPlacementNetwork
},
"required": false,
"title": "Placement networks",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"request_queue_depth": {
"default": 128,
"description": "Minimum number of requests to be queued when pool is full. Allowed in Basic(Allowed values- 128) edition, Essentials(Allowed values- 128) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 128.",
"required": false,
"title": "Request queue depth",
"type": "integer"
},
"request_queue_enabled": {
"default": false,
"description": "Enable request queue when pool is full. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Request queue enabled",
"type": "boolean"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rewrite_host_header_to_server_name": {
"default": false,
"description": "Rewrite incoming Host Header to server name of the server to which the request is proxied. Enabling this feature rewrites Host Header for requests to all servers in the pool. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Rewrite host header to server name",
"type": "boolean"
},
"rewrite_host_header_to_sni": {
"default": false,
"description": "If SNI server name is specified, rewrite incoming host header to the SNI server name. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Rewrite host header to sni",
"type": "boolean"
},
"routing_pool": {
"default": false,
"description": "Enable to do routing when this pool is selected to send traffic. No servers present in routing pool. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Routing pool",
"type": "boolean"
},
"server_name": {
"description": "Fully qualified DNS hostname which will be used in the TLS SNI extension in server connections if SNI is enabled. If no value is specified, Avi will use the incoming host header instead.",
"required": false,
"title": "Server name",
"type": "string"
},
"server_reselect": {
"$ref": "ALBHTTPServerReselect,
"description": "Server reselect configuration for HTTP requests.",
"required": false,
"title": "Server reselect"
},
"server_timeout": {
"default": 0,
"description": "Server timeout value specifies the time within which a server connection needs to be established and a request-response exchange completes between AVI and the server. Value of 0 results in using default timeout of 60 minutes. Allowed values are 0-21600000. Unit is MILLISECONDS. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"maximum": 21600000,
"minimum": 0,
"required": false,
"title": "Server timeout",
"type": "integer"
},
"servers": {
"description": "The pool directs load balanced traffic to this list of destination servers. The servers can be configured by IP address, name, network or via IP Address Group. Maximum of 5000 items allowed.",
"items": {
"$ref": "ALBServer
},
"required": false,
"title": "Servers",
"type": "array"
},
"service_metadata": {
"description": "Metadata pertaining to the service provided by this Pool. In Openshift/Kubernetes environments, app metadata info is stored. Any user input to this field will be overwritten by Avi Vantage.",
"required": false,
"title": "Service metadata",
"type": "string"
},
"sni_enabled": {
"default": true,
"description": "Enable TLS SNI for server connections. If disabled, Avi will not send the SNI extension as part of the handshake. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Sni enabled",
"type": "boolean"
},
"ssl_key_and_certificate_path": {
"description": "Service Engines will present a client SSL certificate to the server. It is a reference to an object of type SSLKeyAndCertificate.",
"required": false,
"title": "Ssl key and certificate path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBPool"
],
"relationshipType": "ALB_POOL_ALB_SSLKEYANDCERTIFICATE_RELATIONSHIP",
"rightType": [
"ALBSSLKeyAndCertificate"
]
}
]
},
"ssl_profile_path": {
"description": "When enabled, Avi re-encrypts traffic to the backend servers. The specific SSL profile defines which ciphers and SSL versions will be supported. It is a reference to an object of type SSLProfile.",
"required": false,
"title": "Ssl profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBPool"
],
"relationshipType": "ALB_POOL_ALB_SSLPROFILE_RELATIONSHIP",
"rightType": [
"ALBSSLProfile"
]
}
]
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tier1_path": {
"description": "This tier1_lr field should be set same as VirtualService associated for NSX-T.",
"required": false,
"title": "Tier1 path",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"use_service_port": {
"default": false,
"description": "Do not translate the client's destination port when sending the connection to the server. The pool or servers specified service port will still be used for health monitoring. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Use service port",
"type": "boolean"
},
"vrf_name": {
"description": "Virtual Routing Context that the pool is bound to. This is used to provide the isolation of the set of networks the pool is attached to. The pool inherits the Virtual Routing Conext of the Virtual Service, and this field is used only internally, and is set by pb-transform. It is a reference to an object of type VrfContext.",
"required": false,
"title": "Vrf name",
"type": "string"
}
},
"title": "Pool",
"type": "object"
}
ALBPoolAnalyticsPolicy (type)
{
"additionalProperties": false,
"description": "Advanced load balancer PoolAnalyticsPolicy object",
"id": "ALBPoolAnalyticsPolicy",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"enable_realtime_metrics": {
"default": false,
"description": "Enable real time metrics for server and pool metrics eg. l4_server.xxx, l7_server.xxx. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Enable realtime metrics",
"type": "boolean"
}
},
"title": "PoolAnalyticsPolicy",
"type": "object"
}
ALBPoolApiResponse (type)
{
"additionalProperties": false,
"description": "PoolApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBPoolApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of Pool",
"items": {
"$ref": "ALBPool
},
"required": false,
"title": "Array of Pool",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "PoolApiResponse",
"type": "object"
}
ALBPoolDeploymentState (type)
{
"description": "Valid ENUM values for ALBPoolDeploymentState",
"enum": [
"EVALUATION_IN_PROGRESS",
"IN_SERVICE",
"OUT_OF_SERVICE",
"EVALUATION_FAILED"
],
"id": "ALBPoolDeploymentState",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "PoolDeploymentState type",
"type": "string"
}
ALBPoolGroup (type)
{
"additionalProperties": false,
"description": "Advanced load balancer PoolGroup object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBPoolGroup",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"cloud_config_cksum": {
"description": "Checksum of cloud configuration for PoolGroup. Internally set by cloud connector.",
"required": false,
"title": "Cloud config cksum",
"type": "string"
},
"cloud_name": {
"description": "It is a reference to an object of type Cloud.",
"required": false,
"title": "Cloud name",
"type": "string"
},
"created_by": {
"description": "Name of the user who created the object.",
"required": false,
"title": "Created by",
"type": "string"
},
"deactivate_primary_pool_on_down": {
"default": false,
"description": "Deactivate primary pool for selection when down until it is activated by user via clear poolgroup command. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Deactivate primary pool on down",
"type": "boolean"
},
"deployment_policy_path": {
"description": "When setup autoscale manager will automatically promote new pools into production when deployment goals are met. It is a reference to an object of type PoolGroupDeploymentPolicy.",
"required": false,
"title": "Deployment policy path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBPoolGroup"
],
"relationshipType": "ALB_POOLGROUP_ALB_POOLGROUPDEPLOYMENTPOLICY_RELATIONSHIP",
"rightType": [
"ALBPoolGroupDeploymentPolicy"
]
}
]
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_http2": {
"default": false,
"description": "Enable HTTP/2 for traffic from VirtualService to all the backend servers in all the pools configured under this PoolGroup. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Enable http2",
"type": "boolean"
},
"fail_action": {
"$ref": "ALBFailAction,
"description": "Enable an action - Close Connection, HTTP Redirect, or Local HTTP Response - when a pool group failure happens. By default, a connection will be closed, in case the pool group experiences a failure.",
"required": false,
"title": "Fail action"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"implicit_priority_labels": {
"default": false,
"description": "Whether an implicit set of priority labels is generated. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Implicit priority labels",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"members": {
"description": "List of pool group members object of type PoolGroupMember.",
"items": {
"$ref": "ALBPoolGroupMember
},
"required": false,
"title": "Members",
"type": "array"
},
"min_servers": {
"default": 0,
"description": "The minimum number of servers to distribute traffic to. Allowed values are 1-65535. Special values are 0 - 'Disable'. Allowed in Basic(Allowed values- 0) edition, Essentials(Allowed values- 0) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Min servers",
"type": "integer"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"priority_labels_path": {
"description": "path of the priority labels. If not provided, pool group member priority label will be interpreted as a number with a larger number considered higher priority. It is a reference to an object of type PriorityLabels.",
"required": false,
"title": "Priority labels path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBPoolGroup"
],
"relationshipType": "ALB_POOLGROUP_ALB_PRIORITYLABELS_RELATIONSHIP",
"rightType": [
"ALBPriorityLabels"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"service_metadata": {
"description": "Metadata pertaining to the service provided by this PoolGroup. In Openshift/Kubernetes environments, app metadata info is stored. Any user input to this field will be overwritten by Avi Vantage.",
"required": false,
"title": "Service metadata",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "PoolGroup",
"type": "object"
}
ALBPoolGroupApiResponse (type)
{
"additionalProperties": false,
"description": "PoolGroupApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBPoolGroupApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of PoolGroup",
"items": {
"$ref": "ALBPoolGroup
},
"required": false,
"title": "Array of PoolGroup",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "PoolGroupApiResponse",
"type": "object"
}
ALBPoolGroupDeploymentPolicy (type)
{
"additionalProperties": false,
"description": "Advanced load balancer PoolGroupDeploymentPolicy object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBPoolGroupDeploymentPolicy",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"auto_disable_old_prod_pools": {
"default": true,
"description": "It will automatically disable old production pools once there is a new production candidate. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Auto disable old prod pools",
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"evaluation_duration": {
"default": 300,
"description": "Duration of evaluation period for automatic deployment. Allowed values are 60-86400. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 300.",
"maximum": 86400,
"minimum": 60,
"required": false,
"title": "Evaluation duration",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rules": {
"description": "Placeholder for description of property rules of obj type PoolGroupDeploymentPolicy field type str type array.",
"items": {
"$ref": "ALBPGDeploymentRule
},
"required": false,
"title": "Rules",
"type": "array"
},
"scheme": {
"$ref": "ALBPoolGroupDeploymentScheme,
"default": "BLUE_GREEN",
"description": "deployment scheme. Enum options - BLUE_GREEN, CANARY. Default value when not specified in API or module is interpreted by ALB Controller as BLUE_GREEN.",
"required": false,
"title": "Scheme"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"target_test_traffic_ratio": {
"default": 100,
"description": "Target traffic ratio before pool is made production. Allowed values are 1-100. Unit is RATIO. Default value when not specified in API or module is interpreted by ALB Controller as 100.",
"maximum": 100,
"minimum": 1,
"required": false,
"title": "Target test traffic ratio",
"type": "integer"
},
"test_traffic_ratio_rampup": {
"default": 100,
"description": "Ratio of the traffic that is sent to the pool under test. test ratio of 100 means blue green. Allowed values are 1-100. Default value when not specified in API or module is interpreted by ALB Controller as 100.",
"maximum": 100,
"minimum": 1,
"required": false,
"title": "Test traffic ratio rampup",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"webhook_path": {
"description": "Webhook configured with URL that Avi controller will pass back information about pool group, old and new pool information and current deployment rule results. It is a reference to an object of type Webhook.",
"required": false,
"title": "Webhook path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBPoolGroupDeploymentPolicy"
],
"relationshipType": "ALB_POOLGROUPDEPLOYMENTPOLICY_ALB_WEBHOOK_RELATIONSHIP",
"rightType": [
"ALBWebhook"
]
}
]
}
},
"title": "PoolGroupDeploymentPolicy",
"type": "object"
}
ALBPoolGroupDeploymentPolicyApiResponse (type)
{
"additionalProperties": false,
"description": "PoolGroupDeploymentPolicyApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBPoolGroupDeploymentPolicyApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of PoolGroupDeploymentPolicy",
"items": {
"$ref": "ALBPoolGroupDeploymentPolicy
},
"required": false,
"title": "Array of PoolGroupDeploymentPolicy",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "PoolGroupDeploymentPolicyApiResponse",
"type": "object"
}
ALBPoolGroupDeploymentScheme (type)
{
"description": "Valid ENUM values for ALBPoolGroupDeploymentScheme",
"enum": [
"BLUE_GREEN",
"CANARY"
],
"id": "ALBPoolGroupDeploymentScheme",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "PoolGroupDeploymentScheme type",
"type": "string"
}
ALBPoolGroupMember (type)
{
"additionalProperties": false,
"description": "Advanced load balancer PoolGroupMember object",
"id": "ALBPoolGroupMember",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"deployment_state": {
"$ref": "ALBPoolDeploymentState,
"description": "Pool deployment state used with the PG deployment policy. Enum options - EVALUATION_IN_PROGRESS, IN_SERVICE, OUT_OF_SERVICE, EVALUATION_FAILED.",
"required": false,
"title": "Deployment state"
},
"pool_path": {
"description": "path of the pool. It is a reference to an object of type Pool.",
"required": true,
"title": "Pool path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBPoolGroup"
],
"relationshipType": "ALB_POOLGROUP_ALB_POOL_RELATIONSHIP",
"rightType": [
"ALBPool"
]
}
]
},
"priority_label": {
"description": "All pools with same label are treated similarly in a pool group. A pool with a higher priority is selected, as long as the pool is eligible or an explicit policy chooses a different pool.",
"required": false,
"title": "Priority label",
"type": "string"
},
"ratio": {
"default": 1,
"description": "Ratio of selecting eligible pools in the pool group. Allowed values are 1-1000. Special values are 0 - 'Do not select this pool for new connections'. Allowed in Basic(Allowed values- 1) edition, Essentials(Allowed values- 1) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 1.",
"maximum": 1000,
"minimum": 0,
"required": false,
"title": "Ratio",
"type": "integer"
}
},
"title": "PoolGroupMember",
"type": "object"
}
ALBPoolServer (type)
{
"additionalProperties": false,
"description": "Advanced load balancer PoolServer object",
"id": "ALBPoolServer",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"hostname": {
"description": "DNS resolvable name of the server. May be used in place of the IP address.",
"required": false,
"title": "Hostname",
"type": "string"
},
"ip": {
"$ref": "ALBIpAddr,
"description": "IP address of the server in the poool.",
"required": true,
"title": "Ip"
},
"port": {
"description": "Port of the pool server listening for HTTP/HTTPS. Default value is the default port in the pool. Allowed values are 1-65535.",
"maximum": 65535,
"minimum": 1,
"required": false,
"title": "Port",
"type": "integer"
}
},
"title": "PoolServer",
"type": "object"
}
ALBPortMatch (type)
{
"additionalProperties": false,
"description": "Advanced load balancer PortMatch object",
"id": "ALBPortMatch",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"match_criteria": {
"$ref": "ALBMatchOperation,
"description": "Criterion to use for port matching the HTTP request. Enum options - IS_IN, IS_NOT_IN.",
"required": true,
"title": "Match criteria"
},
"ports": {
"description": "Listening TCP port(s). Allowed values are 1-65535. Minimum of 1 items required.",
"items": {
"type": "integer"
},
"required": true,
"title": "Ports",
"type": "array"
}
},
"title": "PortMatch",
"type": "object"
}
ALBPortRange (type)
{
"additionalProperties": false,
"description": "Advanced load balancer PortRange object",
"id": "ALBPortRange",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"end": {
"description": "TCP/UDP port range end (inclusive). Allowed values are 1-65535.",
"maximum": 65535,
"minimum": 1,
"required": true,
"title": "End",
"type": "integer"
},
"start": {
"description": "TCP/UDP port range start (inclusive). Allowed values are 1-65535.",
"maximum": 65535,
"minimum": 1,
"required": true,
"title": "Start",
"type": "integer"
}
},
"title": "PortRange",
"type": "object"
}
ALBPriorityLabels (type)
{
"additionalProperties": false,
"description": "Advanced load balancer PriorityLabels object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBPriorityLabels",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"cloud_name": {
"description": "It is a reference to an object of type Cloud.",
"required": false,
"title": "Cloud name",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"equivalent_labels": {
"description": "Equivalent priority labels in descending order.",
"items": {
"$ref": "ALBEquivalentLabels
},
"required": false,
"title": "Equivalent labels",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "PriorityLabels",
"type": "object"
}
ALBPriorityLabelsApiResponse (type)
{
"additionalProperties": false,
"description": "PriorityLabelsApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBPriorityLabelsApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of PriorityLabels",
"items": {
"$ref": "ALBPriorityLabels
},
"required": false,
"title": "Array of PriorityLabels",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "PriorityLabelsApiResponse",
"type": "object"
}
ALBProtocol (type)
{
"description": "Valid ENUM values for ALBProtocol",
"enum": [
"PROTOCOL_ICMP",
"PROTOCOL_TCP",
"PROTOCOL_UDP"
],
"id": "ALBProtocol",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "Protocol type",
"type": "string"
}
ALBProtocolMatch (type)
{
"additionalProperties": false,
"description": "Advanced load balancer ProtocolMatch object",
"id": "ALBProtocolMatch",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"match_criteria": {
"$ref": "ALBMatchOperation,
"description": "Criterion to use for protocol matching the HTTP request. Enum options - IS_IN, IS_NOT_IN.",
"required": true,
"title": "Match criteria"
},
"protocols": {
"$ref": "ALBHTTPProtocol,
"description": "HTTP or HTTPS protocol. Enum options - HTTP, HTTPS.",
"required": true,
"title": "Protocols"
}
},
"title": "ProtocolMatch",
"type": "object"
}
ALBProtocolParser (type)
{
"additionalProperties": false,
"description": "Advanced load balancer ProtocolParser object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBProtocolParser",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"parser_code": {
"description": "Command script provided inline.",
"required": true,
"title": "Parser code",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "ProtocolParser",
"type": "object"
}
ALBProtocolParserApiResponse (type)
{
"additionalProperties": false,
"description": "ProtocolParserApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBProtocolParserApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of ProtocolParser",
"items": {
"$ref": "ALBProtocolParser
},
"required": false,
"title": "Array of ProtocolParser",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "ProtocolParserApiResponse",
"type": "object"
}
ALBProtocolType (type)
{
"description": "Valid ENUM values for ALBProtocolType",
"enum": [
"PROTOCOL_TYPE_TCP_PROXY",
"PROTOCOL_TYPE_TCP_FAST_PATH",
"PROTOCOL_TYPE_UDP_FAST_PATH",
"PROTOCOL_TYPE_UDP_PROXY"
],
"id": "ALBProtocolType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "ProtocolType type",
"type": "string"
}
ALBProxyProtocolVersion (type)
{
"description": "Valid ENUM values for ALBProxyProtocolVersion",
"enum": [
"PROXY_PROTOCOL_VERSION_1",
"PROXY_PROTOCOL_VERSION_2"
],
"id": "ALBProxyProtocolVersion",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "ProxyProtocolVersion type",
"type": "string"
}
ALBQueryMatch (type)
{
"additionalProperties": false,
"description": "Advanced load balancer QueryMatch object",
"id": "ALBQueryMatch",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"match_case": {
"$ref": "ALBMatchCase,
"default": "INSENSITIVE",
"description": "Case sensitivity to use for the match. Enum options - SENSITIVE, INSENSITIVE. Default value when not specified in API or module is interpreted by ALB Controller as INSENSITIVE.",
"required": false,
"title": "Match case"
},
"match_criteria": {
"$ref": "ALBQueryMatchOperation,
"description": "Criterion to use for matching the query in HTTP request URI. Enum options - QUERY_MATCH_CONTAINS.",
"required": true,
"title": "Match criteria"
},
"match_str": {
"description": "String value(s).",
"items": {
"type": "string"
},
"required": false,
"title": "Match str",
"type": "array"
},
"string_group_paths": {
"description": "path of the string group(s). It is a reference to an object of type StringGroup.",
"items": {
"type": "string"
},
"required": false,
"title": "String group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBHTTPPolicySet"
],
"relationshipType": "ALB_HTTPPOLICYSET_ALB_STRINGGROUP_RELATIONSHIP",
"rightType": [
"ALBStringGroup"
]
},
{
"leftType": [
"ALBWafPolicy"
],
"relationshipType": "ALB_WAFPOLICY_ALB_STRINGGROUP_RELATIONSHIP",
"rightType": [
"ALBStringGroup"
]
}
]
}
},
"title": "QueryMatch",
"type": "object"
}
ALBQueryMatchOperation (type)
{
"description": "Valid ENUM values for ALBQueryMatchOperation",
"enum": [
"QUERY_MATCH_CONTAINS"
],
"id": "ALBQueryMatchOperation",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "QueryMatchOperation type",
"type": "string"
}
ALBRateLimiter (type)
{
"additionalProperties": false,
"description": "Advanced load balancer RateLimiter object",
"id": "ALBRateLimiter",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"burst_sz": {
"default": 0,
"description": "Maximum number of connections, requests or packets to be let through instantaneously. If this is less than count, it will have no effect. Allowed values are 0-1000000000. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"maximum": 1000000000,
"minimum": 0,
"required": false,
"title": "Burst sz",
"type": "integer"
},
"count": {
"default": 1000000000,
"description": "Maximum number of connections, requests or packets permitted each period. Allowed values are 1-1000000000. Default value when not specified in API or module is interpreted by ALB Controller as 1000000000.",
"maximum": 1000000000,
"minimum": 1,
"required": false,
"title": "Count",
"type": "integer"
},
"name": {
"description": "Identifier for Rate Limit. Constructed according to context.",
"required": false,
"title": "Name",
"type": "string"
},
"period": {
"default": 1,
"description": "Time value in seconds to enforce rate count. Allowed values are 1-1000000000. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 1.",
"maximum": 1000000000,
"minimum": 1,
"required": false,
"title": "Period",
"type": "integer"
}
},
"title": "RateLimiter",
"type": "object"
}
ALBRateLimiterAction (type)
{
"additionalProperties": false,
"description": "Advanced load balancer RateLimiterAction object",
"id": "ALBRateLimiterAction",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"file": {
"$ref": "ALBHTTPLocalFile,
"description": "File to be used for HTTP Local response rate limit action.",
"required": false,
"title": "File"
},
"redirect": {
"$ref": "ALBHTTPRedirectAction,
"description": "Parameters for HTTP Redirect rate limit action.",
"required": false,
"title": "Redirect"
},
"status_code": {
"$ref": "ALBHTTPLocalResponseStatusCode,
"default": "HTTP_LOCAL_RESPONSE_STATUS_CODE_429",
"description": "HTTP status code for Local Response rate limit action. Enum options - HTTP_LOCAL_RESPONSE_STATUS_CODE_200, HTTP_LOCAL_RESPONSE_STATUS_CODE_204, HTTP_LOCAL_RESPONSE_STATUS_CODE_403, HTTP_LOCAL_RESPONSE_STATUS_CODE_404, HTTP_LOCAL_RESPONSE_STATUS_CODE_429, HTTP_LOCAL_RESPONSE_STATUS_CODE_501. Default value when not specified in API or module is interpreted by ALB Controller as HTTP_LOCAL_RESPONSE_STATUS_CODE_429.",
"required": false,
"title": "Status code"
},
"type": {
"$ref": "ALBRateLimiterActionType,
"default": "RL_ACTION_NONE",
"description": "Type of action to be enforced upon hitting the rate limit. Enum options - RL_ACTION_NONE, RL_ACTION_DROP_CONN, RL_ACTION_RESET_CONN, RL_ACTION_CLOSE_CONN, RL_ACTION_LOCAL_RSP, RL_ACTION_REDIRECT. Default value when not specified in API or module is interpreted by ALB Controller as RL_ACTION_NONE.",
"required": false,
"title": "Type"
}
},
"title": "RateLimiterAction",
"type": "object"
}
ALBRateLimiterActionType (type)
{
"description": "Valid ENUM values for ALBRateLimiterActionType",
"enum": [
"RL_ACTION_NONE",
"RL_ACTION_DROP_CONN",
"RL_ACTION_RESET_CONN",
"RL_ACTION_CLOSE_CONN",
"RL_ACTION_LOCAL_RSP",
"RL_ACTION_REDIRECT"
],
"id": "ALBRateLimiterActionType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "RateLimiterActionType type",
"type": "string"
}
ALBRateLimiterProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer RateLimiterProfile object",
"id": "ALBRateLimiterProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"client_ip_connections_rate_limit": {
"$ref": "ALBRateProfile,
"description": "Rate Limit all connections made from any single client IP address to the Virtual Service.",
"required": false,
"title": "Client ip connections rate limit"
},
"client_ip_failed_requests_rate_limit": {
"$ref": "ALBRateProfile,
"description": "Rate Limit all requests from a client for a specified period of time once the count of failed requests from that client crosses a threshold for that period. Clients are tracked based on their IP address. Count and time period are specified through the RateProfile. Requests are deemed failed based on client or server side error status codes, consistent with how Avi Logs and Metrics subsystems mark failed requests.",
"required": false,
"title": "Client ip failed requests rate limit"
},
"client_ip_requests_rate_limit": {
"$ref": "ALBRateProfile,
"description": "Rate Limit all HTTP requests from any single client IP address to all URLs of the Virtual Service.",
"required": false,
"title": "Client ip requests rate limit"
},
"client_ip_scanners_requests_rate_limit": {
"$ref": "ALBRateProfile,
"description": "Automatically track clients and classify them into 3 groups - Good, Bad, Unknown. Clients are tracked based on their IP Address. Clients are added to the Good group when the Avi Scan Detection system builds history of requests from them that complete successfully. Clients are added to Unknown group when there is insufficient history about them. Requests from such clients are rate limited to the rate specified in the RateProfile. Finally, Clients with history of failed requests are added to Bad group and their requests are rate limited with stricter thresholds than the Unknown Clients group. The Avi Scan Detection system automatically tunes itself so that the Good, Bad, and Unknown client IPs group membership changes dynamically with the changes in traffic patterns through the ADC.",
"required": false,
"title": "Client ip scanners requests rate limit"
},
"client_ip_to_uri_failed_requests_rate_limit": {
"$ref": "ALBRateProfile,
"description": "Rate Limit all requests from a client to a URI for a specified period of time once the count of failed requests from that client to the URI crosses a threshold for that period. Clients are tracked based on their IP address. Count and time period are specified through the RateProfile. Requests are deemed failed based on client or server side error status codes, consistent with how Avi Logs and Metrics subsystems mark failed requests.",
"required": false,
"title": "Client ip to uri failed requests rate limit"
},
"client_ip_to_uri_requests_rate_limit": {
"$ref": "ALBRateProfile,
"description": "Rate Limit all HTTP requests from any single client IP address to any single URL.",
"required": false,
"title": "Client ip to uri requests rate limit"
},
"custom_requests_rate_limit": {
"$ref": "ALBRateProfile,
"description": "Rate Limit all HTTP requests that map to any custom string.",
"required": false,
"title": "Custom requests rate limit"
},
"http_header_rate_limits": {
"description": "Rate Limit all HTTP requests from all client IP addresses that contain any single HTTP header value.",
"items": {
"$ref": "ALBRateProfile
},
"required": false,
"title": "Http header rate limits",
"type": "array"
},
"uri_failed_requests_rate_limit": {
"$ref": "ALBRateProfile,
"description": "Rate Limit all requests to a URI for a specified period of time once the count of failed requests to that URI crosses a threshold for that period. Count and time period are specified through the RateProfile. Requests are deemed failed based on client or server side error status codes, consistent with how Avi Logs and Metrics subsystems mark failed requests.",
"required": false,
"title": "Uri failed requests rate limit"
},
"uri_requests_rate_limit": {
"$ref": "ALBRateProfile,
"description": "Rate Limit all HTTP requests from all client IP addresses to any single URL.",
"required": false,
"title": "Uri requests rate limit"
},
"uri_scanners_requests_rate_limit": {
"$ref": "ALBRateProfile,
"description": "Automatically track URIs and classify them into 3 groups - Good, Bad, Unknown. URIs are added to the Good group when the Avi Scan Detection system builds history of requests to URIs that complete successfully. URIs are added to Unknown group when there is insufficient history about them. Requests for such URIs are rate limited to the rate specified in the RateProfile. Finally, URIs with history of failed requests are added to Bad group and requests to them are rate limited with stricter thresholds than the Unknown URIs group. The Avi Scan Detection system automatically tunes itself so that the Good, Bad, and Unknown URIs group membership changes dynamically with the changes in traffic patterns through the ADC.",
"required": false,
"title": "Uri scanners requests rate limit"
}
},
"title": "RateLimiterProfile",
"type": "object"
}
ALBRateProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer RateProfile object",
"id": "ALBRateProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"action": {
"$ref": "ALBRateLimiterAction,
"description": "Action to perform upon rate limiting.",
"required": true,
"title": "Action"
},
"explicit_tracking": {
"default": false,
"description": "Explicitly tracks an attacker across rate periods. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Explicit tracking",
"type": "boolean"
},
"fine_grain": {
"default": false,
"description": "Enable fine granularity. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Fine grain",
"type": "boolean"
},
"http_cookie": {
"description": "HTTP cookie name.",
"required": false,
"title": "Http cookie",
"type": "string"
},
"http_header": {
"description": "HTTP header name.",
"required": false,
"title": "Http header",
"type": "string"
},
"rate_limiter": {
"$ref": "ALBRateLimiter,
"description": "The rate limiter configuration for this rate profile.",
"required": false,
"title": "Rate limiter"
}
},
"title": "RateProfile",
"type": "object"
}
ALBReplaceStringType (type)
{
"description": "Valid ENUM values for ALBReplaceStringType",
"enum": [
"DATASCRIPT_VAR",
"HTTP_HEADER_VAR",
"LITERAL_STRING"
],
"id": "ALBReplaceStringType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "ReplaceStringType type",
"type": "string"
}
ALBReplaceStringVar (type)
{
"additionalProperties": false,
"description": "Advanced load balancer ReplaceStringVar object",
"id": "ALBReplaceStringVar",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"type": {
"$ref": "ALBReplaceStringType,
"description": "Type of replacement string - can be a variable exposed from datascript, value of an HTTP header or a custom user-input literal string. Enum options - DATASCRIPT_VAR, HTTP_HEADER_VAR, LITERAL_STRING.",
"required": false,
"title": "Type"
},
"val": {
"description": "Value of the replacement string - name of variable exposed from datascript, name of the HTTP header or a custom user-input literal string.",
"required": false,
"title": "Val",
"type": "string"
}
},
"title": "ReplaceStringVar",
"type": "object"
}
ALBResponseMatchTarget (type)
{
"additionalProperties": false,
"description": "Advanced load balancer ResponseMatchTarget object",
"id": "ALBResponseMatchTarget",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"client_ip": {
"$ref": "ALBIpAddrMatch,
"description": "Configure client ip addresses.",
"required": false,
"title": "Client ip"
},
"cookie": {
"$ref": "ALBCookieMatch,
"description": "Configure HTTP cookie(s).",
"required": false,
"title": "Cookie"
},
"hdrs": {
"description": "Configure HTTP headers.",
"items": {
"$ref": "ALBHdrMatch
},
"required": false,
"title": "Hdrs",
"type": "array"
},
"host_hdr": {
"$ref": "ALBHostHdrMatch,
"description": "Configure the host header.",
"required": false,
"title": "Host hdr"
},
"loc_hdr": {
"$ref": "ALBLocationHdrMatch,
"description": "Configure the location header.",
"required": false,
"title": "Loc hdr"
},
"method": {
"$ref": "ALBMethodMatch,
"description": "Configure HTTP methods.",
"required": false,
"title": "Method"
},
"path": {
"$ref": "ALBPathMatch,
"description": "Configure request paths.",
"required": false,
"title": "Path"
},
"protocol": {
"$ref": "ALBProtocolMatch,
"description": "Configure the type of HTTP protocol.",
"required": false,
"title": "Protocol"
},
"query": {
"$ref": "ALBQueryMatch,
"description": "Configure request query.",
"required": false,
"title": "Query"
},
"rsp_hdrs": {
"description": "Configure the HTTP headers in response.",
"items": {
"$ref": "ALBHdrMatch
},
"required": false,
"title": "Rsp hdrs",
"type": "array"
},
"status": {
"$ref": "ALBHTTPStatusMatch,
"description": "Configure the HTTP status code(s).",
"required": false,
"title": "Status"
},
"version": {
"$ref": "ALBHTTPVersionMatch,
"description": "Configure versions of the HTTP protocol.",
"required": false,
"title": "Version"
},
"vs_port": {
"$ref": "ALBPortMatch,
"description": "Configure virtual service ports.",
"required": false,
"title": "Vs port"
}
},
"title": "ResponseMatchTarget",
"type": "object"
}
ALBRoleFilterMatchLabel (type)
{
"additionalProperties": false,
"description": "Advanced load balancer RoleFilterMatchLabel object",
"id": "ALBRoleFilterMatchLabel",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"key": {
"description": "Key for filter match.",
"required": true,
"title": "Key",
"type": "string"
},
"values": {
"description": "Values for filter match. Multiple values will be evaluated as OR. Example key = value1 OR key = value2. Behavior for match is key = (STAR) if this field is empty.",
"items": {
"type": "string"
},
"required": false,
"title": "Values",
"type": "array"
}
},
"title": "RoleFilterMatchLabel",
"type": "object"
}
ALBSAMLSPConfig (type)
{
"additionalProperties": false,
"description": "Advanced load balancer SAMLSPConfig object",
"id": "ALBSAMLSPConfig",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"cookie_name": {
"description": "HTTP cookie name for authenticated session.",
"required": false,
"title": "Cookie name",
"type": "string"
},
"cookie_timeout": {
"default": 60,
"description": "Cookie timeout in minutes. Allowed values are 1-1440. Unit is MIN. Default value when not specified in API or module is interpreted by ALB Controller as 60.",
"maximum": 1440,
"minimum": 1,
"required": false,
"title": "Cookie timeout",
"type": "integer"
},
"entity_id": {
"description": "Globally unique SAML entityID for this node. The SAML application entity ID on the IDP should match this.",
"required": true,
"title": "Entity id",
"type": "string"
},
"key": {
"description": "Key to generate the cookie.",
"items": {
"$ref": "ALBHttpCookiePersistenceKey
},
"required": false,
"title": "Key",
"type": "array"
},
"signing_ssl_key_and_certificate_path": {
"description": "SP will use this SSL certificate to sign requests going to the IdP and decrypt the assertions coming from IdP. It is a reference to an object of type SSLKeyAndCertificate.",
"required": false,
"title": "Signing ssl key and certificate path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBVirtualService"
],
"relationshipType": "ALB_VIRTUALSERVICE_ALB_SSLKEYANDCERTIFICATE_RELATIONSHIP",
"rightType": [
"ALBSSLKeyAndCertificate"
]
}
]
},
"single_signon_url": {
"description": "SAML Single Signon URL to be programmed on the IDP.",
"required": true,
"title": "Single signon url",
"type": "string"
},
"sp_metadata": {
"description": "SAML SP metadata for this application.",
"required": false,
"title": "Sp metadata",
"type": "string"
},
"use_idp_session_timeout": {
"description": "By enabling this field IdP can control how long the SP session can exist through the SessionNotOnOrAfter field in the AuthNStatement of SAML Response.",
"required": false,
"title": "Use idp session timeout",
"type": "boolean"
}
},
"title": "SAMLSPConfig",
"type": "object"
}
ALBSSLCertificate (type)
{
"additionalProperties": false,
"description": "Advanced load balancer SSLCertificate object",
"id": "ALBSSLCertificate",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"certificate": {
"description": "certificate of SSLCertificate.",
"required": false,
"title": "Certificate",
"type": "string"
},
"certificate_signing_request": {
"description": "certificate_signing_request of SSLCertificate.",
"required": false,
"title": "Certificate signing request",
"type": "string"
},
"chain_verified": {
"description": "Placeholder for description of property chain_verified of obj type SSLCertificate field type str type boolean.",
"required": false,
"title": "Chain verified",
"type": "boolean"
},
"days_until_expire": {
"default": 365,
"description": "Number of days_until_expire. Default value when not specified in API or module is interpreted by ALB Controller as 365.",
"minimum": 1,
"required": false,
"title": "Days until expire",
"type": "integer"
},
"expiry_status": {
"$ref": "ALBSSLCertificateExpiryStatus,
"default": "SSL_CERTIFICATE_GOOD",
"description": "Enum options - SSL_CERTIFICATE_GOOD, SSL_CERTIFICATE_EXPIRY_WARNING, SSL_CERTIFICATE_EXPIRED. Default value when not specified in API or module is interpreted by ALB Controller as SSL_CERTIFICATE_GOOD.",
"required": false,
"title": "Expiry status"
},
"fingerprint": {
"description": "fingerprint of SSLCertificate.",
"required": false,
"title": "Fingerprint",
"type": "string"
},
"issuer": {
"$ref": "ALBSSLCertificateDescription,
"description": "Placeholder for description of property issuer of obj type SSLCertificate field type str type ref.",
"required": false,
"title": "Issuer"
},
"key_params": {
"$ref": "ALBSSLKeyParams,
"description": "Placeholder for description of property key_params of obj type SSLCertificate field type str type ref.",
"required": false,
"title": "Key params"
},
"not_after": {
"description": "not_after of SSLCertificate.",
"required": false,
"title": "Not after",
"type": "string"
},
"not_before": {
"description": "not_before of SSLCertificate.",
"required": false,
"title": "Not before",
"type": "string"
},
"public_key": {
"description": "public_key of SSLCertificate.",
"required": false,
"title": "Public key",
"type": "string"
},
"self_signed": {
"description": "Placeholder for description of property self_signed of obj type SSLCertificate field type str type boolean.",
"required": false,
"title": "Self signed",
"type": "boolean"
},
"serial_number": {
"description": "serial_number of SSLCertificate.",
"required": false,
"title": "Serial number",
"type": "string"
},
"signature": {
"description": "signature of SSLCertificate.",
"required": false,
"title": "Signature",
"type": "string"
},
"signature_algorithm": {
"description": "signature_algorithm of SSLCertificate.",
"required": false,
"title": "Signature algorithm",
"type": "string"
},
"subject": {
"$ref": "ALBSSLCertificateDescription,
"description": "Placeholder for description of property subject of obj type SSLCertificate field type str type ref.",
"required": false,
"title": "Subject"
},
"subject_alt_names": {
"description": "subjectAltName that provides additional subject identities.",
"items": {
"type": "string"
},
"required": false,
"title": "Subject alt names",
"type": "array"
},
"text": {
"description": "text of SSLCertificate.",
"required": false,
"title": "Text",
"type": "string"
},
"version": {
"description": "version of SSLCertificate.",
"required": false,
"title": "Version",
"type": "string"
}
},
"title": "SSLCertificate",
"type": "object"
}
ALBSSLCertificateDescription (type)
{
"additionalProperties": false,
"description": "Advanced load balancer SSLCertificateDescription object",
"id": "ALBSSLCertificateDescription",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"common_name": {
"description": "common_name of SSLCertificateDescription.",
"required": false,
"title": "Common name",
"type": "string"
},
"country": {
"description": "country of SSLCertificateDescription.",
"required": false,
"title": "Country",
"type": "string"
},
"distinguished_name": {
"description": "distinguished_name of SSLCertificateDescription.",
"required": false,
"title": "Distinguished name",
"type": "string"
},
"email_address": {
"description": "email_address of SSLCertificateDescription.",
"required": false,
"title": "Email address",
"type": "string"
},
"locality": {
"description": "locality of SSLCertificateDescription.",
"required": false,
"title": "Locality",
"type": "string"
},
"organization": {
"description": "organization of SSLCertificateDescription.",
"required": false,
"title": "Organization",
"type": "string"
},
"organization_unit": {
"description": "organization_unit of SSLCertificateDescription.",
"required": false,
"title": "Organization unit",
"type": "string"
},
"state": {
"description": "state of SSLCertificateDescription.",
"required": false,
"title": "State",
"type": "string"
}
},
"title": "SSLCertificateDescription",
"type": "object"
}
ALBSSLCertificateExpiryStatus (type)
{
"description": "Valid ENUM values for ALBSSLCertificateExpiryStatus",
"enum": [
"SSL_CERTIFICATE_GOOD",
"SSL_CERTIFICATE_EXPIRY_WARNING",
"SSL_CERTIFICATE_EXPIRED"
],
"id": "ALBSSLCertificateExpiryStatus",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "SSLCertificateExpiryStatus type",
"type": "string"
}
ALBSSLCertificateStatus (type)
{
"description": "Valid ENUM values for ALBSSLCertificateStatus",
"enum": [
"SSL_CERTIFICATE_FINISHED",
"SSL_CERTIFICATE_PENDING"
],
"id": "ALBSSLCertificateStatus",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "SSLCertificateStatus type",
"type": "string"
}
ALBSSLCertificateType (type)
{
"description": "Valid ENUM values for ALBSSLCertificateType",
"enum": [
"SSL_CERTIFICATE_TYPE_VIRTUALSERVICE",
"SSL_CERTIFICATE_TYPE_SYSTEM",
"SSL_CERTIFICATE_TYPE_CA"
],
"id": "ALBSSLCertificateType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "SSLCertificateType type",
"type": "string"
}
ALBSSLClientCertificateAction (type)
{
"additionalProperties": false,
"description": "Advanced load balancer SSLClientCertificateAction object",
"id": "ALBSSLClientCertificateAction",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"close_connection": {
"default": false,
"description": "Placeholder for description of property close_connection of obj type SSLClientCertificateAction field type str type boolean. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Close connection",
"type": "boolean"
},
"headers": {
"description": "Placeholder for description of property headers of obj type SSLClientCertificateAction field type str type array.",
"items": {
"$ref": "ALBSSLClientRequestHeader
},
"required": false,
"title": "Headers",
"type": "array"
}
},
"title": "SSLClientCertificateAction",
"type": "object"
}
ALBSSLClientCertificateMode (type)
{
"description": "Valid ENUM values for ALBSSLClientCertificateMode",
"enum": [
"SSL_CLIENT_CERTIFICATE_NONE",
"SSL_CLIENT_CERTIFICATE_REQUEST",
"SSL_CLIENT_CERTIFICATE_REQUIRE"
],
"id": "ALBSSLClientCertificateMode",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "SSLClientCertificateMode type",
"type": "string"
}
ALBSSLClientRequestHeader (type)
{
"additionalProperties": false,
"description": "Advanced load balancer SSLClientRequestHeader object",
"id": "ALBSSLClientRequestHeader",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"request_header": {
"description": "If this header exists, reset the connection. If the ssl variable is specified, add a header with this value.",
"required": false,
"title": "Request header",
"type": "string"
},
"request_header_value": {
"$ref": "ALBHTTPPolicyVar,
"description": "Set the request header with the value as indicated by this SSL variable. Eg. send the whole certificate in PEM format. Enum options - HTTP_POLICY_VAR_CLIENT_IP, HTTP_POLICY_VAR_VS_PORT, HTTP_POLICY_VAR_VS_IP, HTTP_POLICY_VAR_HTTP_HDR, HTTP_POLICY_VAR_SSL_CLIENT_FINGERPRINT, HTTP_POLICY_VAR_SSL_CLIENT_SERIAL, HTTP_POLICY_VAR_SSL_CLIENT_ISSUER, HTTP_POLICY_VAR_SSL_CLIENT_SUBJECT, HTTP_POLICY_VAR_SSL_CLIENT_RAW, HTTP_POLICY_VAR_SSL_PROTOCOL, HTTP_POLICY_VAR_SSL_SERVER_NAME, HTTP_POLICY_VAR_USER_NAME, HTTP_POLICY_VAR_SSL_CIPHER, HTTP_POLICY_VAR_REQUEST_ID, HTTP_POLICY_VAR_SSL_CLIENT_VERSION, HTTP_POLICY_VAR_SSL_CLIENT_SIGALG, HTTP_POLICY_VAR_SSL_CLIENT_NOTVALIDBEFORE, HTTP_POLICY_VAR_SSL_CLIENT_NOTVALIDAFTER.",
"required": false,
"title": "Request header value"
}
},
"title": "SSLClientRequestHeader",
"type": "object"
}
ALBSSLFormat (type)
{
"description": "Valid ENUM values for ALBSSLFormat",
"enum": [
"SSL_PEM",
"SSL_PKCS12"
],
"id": "ALBSSLFormat",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "SSLFormat type",
"type": "string"
}
ALBSSLKeyAlgorithm (type)
{
"description": "Valid ENUM values for ALBSSLKeyAlgorithm",
"enum": [
"SSL_KEY_ALGORITHM_RSA",
"SSL_KEY_ALGORITHM_EC"
],
"id": "ALBSSLKeyAlgorithm",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "SSLKeyAlgorithm type",
"type": "string"
}
ALBSSLKeyAndCertificate (type)
{
"additionalProperties": false,
"description": "Advanced load balancer SSLKeyAndCertificate object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBSSLKeyAndCertificate",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"ca_certs": {
"description": "CA certificates in certificate chain.",
"items": {
"$ref": "ALBCertificateAuthority
},
"required": false,
"title": "Ca certs",
"type": "array"
},
"certificate": {
"$ref": "ALBSSLCertificate,
"description": "Placeholder for description of property certificate of obj type SSLKeyAndCertificate field type str type ref.",
"required": true,
"title": "Certificate"
},
"certificate_base64": {
"default": false,
"description": "States if the certificate is base64 encoded. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Certificate base64",
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"created_by": {
"description": "Creator name.",
"required": false,
"title": "Created by",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dynamic_params": {
"description": "Dynamic parameters needed for certificate management profile.",
"items": {
"$ref": "ALBCustomParams
},
"required": false,
"title": "Dynamic params",
"type": "array"
},
"enable_ocsp_stapling": {
"default": false,
"description": "Enables OCSP Stapling. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Enable ocsp stapling",
"type": "boolean"
},
"enckey_base64": {
"description": "Encrypted private key corresponding to the private key (e.g. those generated by an HSM such as Thales nShield).",
"required": false,
"title": "Enckey base64",
"type": "string"
},
"enckey_name": {
"description": "Name of the encrypted private key (e.g. those generated by an HSM such as Thales nShield).",
"required": false,
"title": "Enckey name",
"type": "string"
},
"format": {
"$ref": "ALBSSLFormat,
"default": "SSL_PEM",
"description": "Format of the Key/Certificate file. Enum options - SSL_PEM, SSL_PKCS12. Default value when not specified in API or module is interpreted by ALB Controller as SSL_PEM.",
"required": false,
"title": "Format"
},
"hardwaresecuritymodulegroup_path": {
"description": "It is a reference to an object of type HardwareSecurityModuleGroup.",
"required": false,
"title": "Hardwaresecuritymodulegroup path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBSSLKeyAndCertificate"
],
"relationshipType": "ALB_SSLKEYANDCERTIFICATE_ALB_HARDWARESECURITYMODULEGROUP_RELATIONSHIP",
"rightType": [
"ALBHardwareSecurityModuleGroup"
]
}
]
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"key": {
"description": "Private key.",
"required": false,
"sensitive": true,
"title": "Key",
"type": "string"
},
"key_base64": {
"default": false,
"description": "States if the private key is base64 encoded. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Key base64",
"type": "boolean"
},
"key_params": {
"$ref": "ALBSSLKeyParams,
"description": "Placeholder for description of property key_params of obj type SSLKeyAndCertificate field type str type ref.",
"required": false,
"title": "Key params"
},
"key_passphrase": {
"description": "Passphrase used to encrypt the private key.",
"required": false,
"sensitive": true,
"title": "Key passphrase",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"ocsp_config": {
"$ref": "ALBOCSPConfig,
"description": "Configuration related to OCSP. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Ocsp config"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"status": {
"$ref": "ALBSSLCertificateStatus,
"default": "SSL_CERTIFICATE_FINISHED",
"description": "Enum options - SSL_CERTIFICATE_FINISHED, SSL_CERTIFICATE_PENDING. Default value when not specified in API or module is interpreted by ALB Controller as SSL_CERTIFICATE_FINISHED.",
"required": false,
"title": "Status"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"type": {
"$ref": "ALBSSLCertificateType,
"description": "Enum options - SSL_CERTIFICATE_TYPE_VIRTUALSERVICE, SSL_CERTIFICATE_TYPE_SYSTEM, SSL_CERTIFICATE_TYPE_CA.",
"required": false,
"title": "Type"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "SSLKeyAndCertificate",
"type": "object"
}
ALBSSLKeyAndCertificateApiResponse (type)
{
"additionalProperties": false,
"description": "SSLKeyAndCertificateApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBSSLKeyAndCertificateApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of SSLKeyAndCertificate",
"items": {
"$ref": "ALBSSLKeyAndCertificate
},
"required": false,
"title": "Array of SSLKeyAndCertificate",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "SSLKeyAndCertificateApiResponse",
"type": "object"
}
ALBSSLKeyECCurve (type)
{
"description": "Valid ENUM values for ALBSSLKeyECCurve",
"enum": [
"SSL_KEY_EC_CURVE_SECP256R1",
"SSL_KEY_EC_CURVE_SECP384R1",
"SSL_KEY_EC_CURVE_SECP521R1"
],
"id": "ALBSSLKeyECCurve",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "SSLKeyECCurve type",
"type": "string"
}
ALBSSLKeyECParams (type)
{
"additionalProperties": false,
"description": "Advanced load balancer SSLKeyECParams object",
"id": "ALBSSLKeyECParams",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"curve": {
"$ref": "ALBSSLKeyECCurve,
"default": "SSL_KEY_EC_CURVE_SECP256R1",
"description": "Enum options - SSL_KEY_EC_CURVE_SECP256R1, SSL_KEY_EC_CURVE_SECP384R1, SSL_KEY_EC_CURVE_SECP521R1. Default value when not specified in API or module is interpreted by ALB Controller as SSL_KEY_EC_CURVE_SECP256R1.",
"required": false,
"title": "Curve"
}
},
"title": "SSLKeyECParams",
"type": "object"
}
ALBSSLKeyParams (type)
{
"additionalProperties": false,
"description": "Advanced load balancer SSLKeyParams object",
"id": "ALBSSLKeyParams",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"algorithm": {
"$ref": "ALBSSLKeyAlgorithm,
"default": "SSL_KEY_ALGORITHM_RSA",
"description": "Enum options - SSL_KEY_ALGORITHM_RSA, SSL_KEY_ALGORITHM_EC. Default value when not specified in API or module is interpreted by ALB Controller as SSL_KEY_ALGORITHM_RSA.",
"required": true,
"title": "Algorithm"
},
"ec_params": {
"$ref": "ALBSSLKeyECParams,
"description": "Placeholder for description of property ec_params of obj type SSLKeyParams field type str type ref.",
"required": false,
"title": "Ec params"
},
"rsa_params": {
"$ref": "ALBSSLKeyRSAParams,
"description": "Placeholder for description of property rsa_params of obj type SSLKeyParams field type str type ref.",
"required": false,
"title": "Rsa params"
}
},
"title": "SSLKeyParams",
"type": "object"
}
ALBSSLKeyRSAParams (type)
{
"additionalProperties": false,
"description": "Advanced load balancer SSLKeyRSAParams object",
"id": "ALBSSLKeyRSAParams",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"exponent": {
"default": 65537,
"description": "Number of exponent. Default value when not specified in API or module is interpreted by ALB Controller as 65537.",
"required": false,
"title": "Exponent",
"type": "integer"
},
"key_size": {
"$ref": "ALBSSLRSAKeySize,
"default": "SSL_KEY_2048_BITS",
"description": "Enum options - SSL_KEY_1024_BITS, SSL_KEY_2048_BITS, SSL_KEY_3072_BITS, SSL_KEY_4096_BITS. Default value when not specified in API or module is interpreted by ALB Controller as SSL_KEY_2048_BITS.",
"required": false,
"title": "Key size"
}
},
"title": "SSLKeyRSAParams",
"type": "object"
}
ALBSSLProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer SSLProfile object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBSSLProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"accepted_ciphers": {
"default": "AES:3DES:RC4",
"description": "Ciphers suites represented as defined by https //www.openssl.org/docs/apps/ciphers.html. Default value when not specified in API or module is interpreted by ALB Controller as AES:3DES:RC4.",
"required": false,
"title": "Accepted ciphers",
"type": "string"
},
"accepted_versions": {
"description": "Set of versions accepted by the server. Minimum of 1 items required.",
"items": {
"$ref": "ALBSSLVersion
},
"required": true,
"title": "Accepted versions",
"type": "array"
},
"avi_tags": {
"description": "Placeholder for description of property tags of obj type SSLProfile field type str type array.",
"items": {
"$ref": "ALBTag
},
"required": false,
"title": "Avi tags",
"type": "array"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"cipher_enums": {
"description": "Enum options - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA, TLS_AES_256_GCM_SHA384... Allowed in Basic(Allowed values- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_3DES_EDE_CBC_SHA) edition, Essentials(Allowed values- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_3DES_EDE_CBC_SHA) edition, Enterprise edition.",
"items": {
"$ref": "ALBAcceptedCipherEnums
},
"required": false,
"title": "Cipher enums",
"type": "array"
},
"ciphersuites": {
"default": "TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256",
"description": "TLS 1.3 Ciphers suites represented as defined by U(https //www.openssl.org/docs/manmaster/man1/ciphers.html). Allowed in Basic edition, Essentials edition, Enterprise edition. Special default for Basic edition is TLS_AES_256_GCM_SHA384-TLS_AES_128_GCM_SHA256, Essentials edition is TLS_AES_256_GCM_SHA384-TLS_AES_128_GCM_SHA256, Enterprise is TLS_AES_256_GCM_SHA384-TLS_CHACHA20_POLY1305_SHA256-TLS_AES_128_GCM_SHA256. Default value when not specified in API or module is interpreted by ALB Controller as TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256.",
"required": false,
"title": "Ciphersuites",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_early_data": {
"default": false,
"description": "Enable early data processing for TLS1.3 connections. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Enable early data",
"type": "boolean"
},
"enable_ssl_session_reuse": {
"default": true,
"description": "Enable SSL session re-use. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Enable ssl session reuse",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"prefer_client_cipher_ordering": {
"default": false,
"description": "Prefer the SSL cipher ordering presented by the client during the SSL handshake over the one specified in the SSL Profile. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Prefer client cipher ordering",
"type": "boolean"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"send_close_notify": {
"default": true,
"description": "Send 'close notify' alert message for a clean shutdown of the SSL connection. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Send close notify",
"type": "boolean"
},
"ssl_rating": {
"$ref": "ALBSSLRating,
"description": "Placeholder for description of property ssl_rating of obj type SSLProfile field type str type ref.",
"readonly": true,
"required": false,
"title": "Ssl rating"
},
"ssl_session_timeout": {
"default": 86400,
"description": "The amount of time in seconds before an SSL session expires. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 86400.",
"required": false,
"title": "Ssl session timeout",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"type": {
"$ref": "ALBSSLProfileType,
"default": "SSL_PROFILE_TYPE_APPLICATION",
"description": "SSL Profile Type. Enum options - SSL_PROFILE_TYPE_APPLICATION, SSL_PROFILE_TYPE_SYSTEM. Default value when not specified in API or module is interpreted by ALB Controller as SSL_PROFILE_TYPE_APPLICATION.",
"required": false,
"title": "Type"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "SSLProfile",
"type": "object"
}
ALBSSLProfileApiResponse (type)
{
"additionalProperties": false,
"description": "SSLProfileApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBSSLProfileApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of SSLProfile",
"items": {
"$ref": "ALBSSLProfile
},
"required": false,
"title": "Array of SSLProfile",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "SSLProfileApiResponse",
"type": "object"
}
ALBSSLProfileSelector (type)
{
"additionalProperties": false,
"description": "Advanced load balancer SSLProfileSelector object",
"id": "ALBSSLProfileSelector",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"client_ip_list": {
"$ref": "ALBIpAddrMatch,
"description": "Configure client IP address groups.",
"required": true,
"title": "Client ip list"
},
"ssl_profile_path": {
"description": "SSL profile for the client IP addresses listed. It is a reference to an object of type SSLProfile.",
"required": true,
"title": "Ssl profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBVirtualService"
],
"relationshipType": "ALB_VIRTUALSERVICE_ALB_SSLPROFILE_RELATIONSHIP",
"rightType": [
"ALBSSLProfile"
]
}
]
}
},
"title": "SSLProfileSelector",
"type": "object"
}
ALBSSLProfileType (type)
{
"description": "Valid ENUM values for ALBSSLProfileType",
"enum": [
"SSL_PROFILE_TYPE_APPLICATION",
"SSL_PROFILE_TYPE_SYSTEM"
],
"id": "ALBSSLProfileType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "SSLProfileType type",
"type": "string"
}
ALBSSLRSAKeySize (type)
{
"description": "Valid ENUM values for ALBSSLRSAKeySize",
"enum": [
"SSL_KEY_1024_BITS",
"SSL_KEY_2048_BITS",
"SSL_KEY_3072_BITS",
"SSL_KEY_4096_BITS"
],
"id": "ALBSSLRSAKeySize",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "SSLRSAKeySize type",
"type": "string"
}
ALBSSLRating (type)
{
"additionalProperties": false,
"description": "Advanced load balancer SSLRating object",
"id": "ALBSSLRating",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"compatibility_rating": {
"$ref": "ALBSSLScore,
"description": "Enum options - SSL_SCORE_NOT_SECURE, SSL_SCORE_VERY_BAD, SSL_SCORE_BAD, SSL_SCORE_AVERAGE, SSL_SCORE_GOOD, SSL_SCORE_EXCELLENT.",
"required": false,
"title": "Compatibility rating"
},
"performance_rating": {
"$ref": "ALBSSLScore,
"description": "Enum options - SSL_SCORE_NOT_SECURE, SSL_SCORE_VERY_BAD, SSL_SCORE_BAD, SSL_SCORE_AVERAGE, SSL_SCORE_GOOD, SSL_SCORE_EXCELLENT.",
"required": false,
"title": "Performance rating"
},
"security_score": {
"description": "security_score of SSLRating.",
"required": false,
"title": "Security score",
"type": "string"
}
},
"title": "SSLRating",
"type": "object"
}
ALBSSLScore (type)
{
"description": "Valid ENUM values for ALBSSLScore",
"enum": [
"SSL_SCORE_NOT_SECURE",
"SSL_SCORE_VERY_BAD",
"SSL_SCORE_BAD",
"SSL_SCORE_AVERAGE",
"SSL_SCORE_GOOD",
"SSL_SCORE_EXCELLENT"
],
"id": "ALBSSLScore",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "SSLScore type",
"type": "string"
}
ALBSSLVersion (type)
{
"additionalProperties": false,
"description": "Advanced load balancer SSLVersion object",
"id": "ALBSSLVersion",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"type": {
"$ref": "ALBSSLVersionType,
"default": "SSL_VERSION_TLS1_1",
"description": "Enum options - SSL_VERSION_SSLV3, SSL_VERSION_TLS1, SSL_VERSION_TLS1_1, SSL_VERSION_TLS1_2, SSL_VERSION_TLS1_3. Allowed in Basic(Allowed values- SSL_VERSION_SSLV3,SSL_VERSION_TLS1,SSL_VERSION_TLS1_1,SSL_VERSION_TLS1_2) edition, Essentials(Allowed values- SSL_VERSION_SSLV3,SSL_VERSION_TLS1,SSL_VERSION_TLS1_1,SSL_VERSION_TLS1_2) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as SSL_VERSION_TLS1_1.",
"required": true,
"title": "Type"
}
},
"title": "SSLVersion",
"type": "object"
}
ALBSSLVersionType (type)
{
"description": "Valid ENUM values for ALBSSLVersionType",
"enum": [
"SSL_VERSION_SSLV3",
"SSL_VERSION_TLS1",
"SSL_VERSION_TLS1_1",
"SSL_VERSION_TLS1_2",
"SSL_VERSION_TLS1_3"
],
"id": "ALBSSLVersionType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "SSLVersionType type",
"type": "string"
}
ALBSSOPolicy (type)
{
"additionalProperties": false,
"description": "Advanced load balancer SSOPolicy object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBSSOPolicy",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"authentication_policy": {
"$ref": "ALBAuthenticationPolicy,
"description": "Authentication Policy Settings.",
"required": true,
"title": "Authentication policy"
},
"authorization_policy": {
"$ref": "ALBAuthorizationPolicy,
"description": "Authorization Policy Settings.",
"required": false,
"title": "Authorization policy"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"type": {
"$ref": "ALBSSOPolicyType,
"default": "SSO_TYPE_SAML",
"description": "SSO Policy Type. Enum options - SSO_TYPE_SAML, SSO_TYPE_PINGACCESS, SSO_TYPE_JWT. Default value when not specified in API or module is interpreted by ALB Controller as SSO_TYPE_SAML.",
"required": false,
"title": "Type"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "SSOPolicy",
"type": "object"
}
ALBSSOPolicyApiResponse (type)
{
"additionalProperties": false,
"description": "SSOPolicyApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBSSOPolicyApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of SSOPolicy",
"items": {
"$ref": "ALBSSOPolicy
},
"required": false,
"title": "Array of SSOPolicy",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "SSOPolicyApiResponse",
"type": "object"
}
ALBSSOPolicyType (type)
{
"description": "Valid ENUM values for ALBSSOPolicyType",
"enum": [
"SSO_TYPE_SAML",
"SSO_TYPE_PINGACCESS",
"SSO_TYPE_JWT"
],
"id": "ALBSSOPolicyType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "SSOPolicyType type",
"type": "string"
}
ALBSamlIdentityProviderSettings (type)
{
"additionalProperties": false,
"description": "Advanced load balancer SamlIdentityProviderSettings object",
"id": "ALBSamlIdentityProviderSettings",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"metadata": {
"description": "SAML IDP metadata.",
"required": false,
"title": "Metadata",
"type": "string"
}
},
"title": "SamlIdentityProviderSettings",
"type": "object"
}
ALBSamlServiceProviderNode (type)
{
"additionalProperties": false,
"description": "Advanced load balancer SamlServiceProviderNode object",
"id": "ALBSamlServiceProviderNode",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"entity_id": {
"description": "Globally unique entityID for this node. Entity ID on the IDP should match this.",
"required": false,
"title": "Entity id",
"type": "string"
},
"name": {
"description": "Refers to the Cluster name identifier (Virtual IP or FQDN).",
"required": true,
"title": "Name",
"type": "string"
},
"signing_ssl_key_and_certificate_path": {
"description": "Service Engines will use this SSL certificate to sign assertions going to the IdP. It is a reference to an object of type SSLKeyAndCertificate.",
"required": false,
"title": "Signing ssl key and certificate path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBAuthProfile"
],
"relationshipType": "ALB_AUTHPROFILE_ALB_SSLKEYANDCERTIFICATE_RELATIONSHIP",
"rightType": [
"ALBSSLKeyAndCertificate"
]
}
]
},
"single_signon_url": {
"description": "Single Signon URL to be programmed on the IDP.",
"required": false,
"title": "Single signon url",
"type": "string"
}
},
"title": "SamlServiceProviderNode",
"type": "object"
}
ALBSamlServiceProviderSettings (type)
{
"additionalProperties": false,
"description": "Advanced load balancer SamlServiceProviderSettings object",
"id": "ALBSamlServiceProviderSettings",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"fqdn": {
"description": "FQDN if entity type is DNS_FQDN .",
"required": false,
"title": "Fqdn",
"type": "string"
},
"org_display_name": {
"description": "Service Provider Organization Display Name.",
"required": false,
"title": "Org display name",
"type": "string"
},
"org_name": {
"description": "Service Provider Organization Name.",
"required": false,
"title": "Org name",
"type": "string"
},
"org_url": {
"description": "Service Provider Organization URL.",
"required": false,
"title": "Org url",
"type": "string"
},
"saml_entity_type": {
"$ref": "ALBAuthSamlEntityType,
"description": "Type of SAML endpoint. Enum options - AUTH_SAML_CLUSTER_VIP, AUTH_SAML_DNS_FQDN, AUTH_SAML_APP_VS.",
"required": false,
"title": "Saml entity type"
},
"sp_nodes": {
"description": "Service Provider node information.",
"items": {
"$ref": "ALBSamlServiceProviderNode
},
"required": false,
"title": "Sp nodes",
"type": "array"
},
"tech_contact_email": {
"description": "Service Provider technical contact email.",
"required": false,
"title": "Tech contact email",
"type": "string"
},
"tech_contact_name": {
"description": "Service Provider technical contact name.",
"required": false,
"title": "Tech contact name",
"type": "string"
}
},
"title": "SamlServiceProviderSettings",
"type": "object"
}
ALBSamlSettings (type)
{
"additionalProperties": false,
"description": "Advanced load balancer SamlSettings object",
"id": "ALBSamlSettings",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"idp": {
"$ref": "ALBSamlIdentityProviderSettings,
"description": "Configure remote Identity provider settings.",
"required": false,
"title": "Idp"
},
"sp": {
"$ref": "ALBSamlServiceProviderSettings,
"description": "Configure service provider settings for the Controller.",
"required": true,
"title": "Sp"
}
},
"title": "SamlSettings",
"type": "object"
}
ALBSeFlowDist (type)
{
"description": "Valid ENUM values for ALBSeFlowDist",
"enum": [
"LOAD_AWARE",
"CONSISTENT_HASH_SOURCE_IP_ADDRESS",
"CONSISTENT_HASH_SOURCE_IP_ADDRESS_AND_PORT"
],
"id": "ALBSeFlowDist",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "SeFlowDist type",
"type": "string"
}
ALBSecurityPolicy (type)
{
"additionalProperties": false,
"description": "Advanced load balancer SecurityPolicy object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBSecurityPolicy",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dns_attacks": {
"$ref": "ALBDnsAttacks,
"description": "Attacks utilizing the DNS protocol operations.",
"required": false,
"title": "Dns attacks"
},
"dns_policy_index": {
"default": 0,
"description": "Index of the dns policy to use for the mitigation rules applied to the dns attacks. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"required": false,
"title": "Dns policy index",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"network_security_policy_index": {
"default": 0,
"description": "Index of the network security policy to use for the mitigation rules applied to the attacks. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"required": false,
"title": "Network security policy index",
"type": "integer"
},
"oper_mode": {
"$ref": "ALBOperationMode,
"default": "DETECTION",
"description": "Mode of dealing with the attacks - perform detection only, or detect and mitigate the attacks. Enum options - DETECTION, MITIGATION. Default value when not specified in API or module is interpreted by ALB Controller as DETECTION.",
"required": false,
"title": "Oper mode"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "SecurityPolicy",
"type": "object"
}
ALBSecurityPolicyApiResponse (type)
{
"additionalProperties": false,
"description": "SecurityPolicyApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBSecurityPolicyApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of SecurityPolicy",
"items": {
"$ref": "ALBSecurityPolicy
},
"required": false,
"title": "Array of SecurityPolicy",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "SecurityPolicyApiResponse",
"type": "object"
}
ALBSensitiveFieldRule (type)
{
"additionalProperties": false,
"description": "Advanced load balancer SensitiveFieldRule object",
"id": "ALBSensitiveFieldRule",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"action": {
"$ref": "ALBLogAction,
"default": "LOG_FIELD_REMOVE",
"description": "Action for the matched log field, for instance the matched field can be removed or masked off. Enum options - LOG_FIELD_REMOVE, LOG_FIELD_MASKOFF. Default value when not specified in API or module is interpreted by ALB Controller as LOG_FIELD_REMOVE.",
"required": false,
"title": "Action"
},
"enabled": {
"default": false,
"description": "Enable rule to match the sensitive fields. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Enabled",
"type": "boolean"
},
"index": {
"description": "Index of the rule.",
"required": false,
"title": "Index",
"type": "integer"
},
"match": {
"$ref": "ALBStringMatch,
"description": "Criterion to use for matching in the Log. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Match"
},
"name": {
"description": "Name of the rule.",
"required": false,
"title": "Name",
"type": "string"
}
},
"title": "SensitiveFieldRule",
"type": "object"
}
ALBSensitiveLogProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer SensitiveLogProfile object",
"id": "ALBSensitiveLogProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"header_field_rules": {
"description": "Match sensitive header fields in HTTP application log.",
"items": {
"$ref": "ALBSensitiveFieldRule
},
"required": false,
"title": "Header field rules",
"type": "array"
},
"uri_query_field_rules": {
"description": "Match sensitive URI query params in HTTP application log. Query params from the URI are extracted and checked for matching sensitive parameter names. A successful match will mask the parameter values in accordance with this rule action.",
"items": {
"$ref": "ALBSensitiveFieldRule
},
"required": false,
"title": "Uri query field rules",
"type": "array"
},
"waf_field_rules": {
"description": "Match sensitive WAF log fields in HTTP application log.",
"items": {
"$ref": "ALBSensitiveFieldRule
},
"required": false,
"title": "Waf field rules",
"type": "array"
}
},
"title": "SensitiveLogProfile",
"type": "object"
}
ALBServer (type)
{
"additionalProperties": false,
"description": "Advanced load balancer Server object",
"id": "ALBServer",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"autoscaling_group_name": {
"description": "Name of autoscaling group this server belongs to. Allowed in Essentials edition, Enterprise edition.",
"required": false,
"title": "Autoscaling group name",
"type": "string"
},
"availability_zone": {
"description": "Availability-zone of the server VM.",
"required": false,
"title": "Availability zone",
"type": "string"
},
"description": {
"description": "A description of the Server.",
"required": false,
"title": "Description",
"type": "string"
},
"discovered_networks": {
"description": "(internal-use) Discovered networks providing reachability for server IP. This field is used internally by Avi, not editable by the user.",
"items": {
"$ref": "ALBDiscoveredNetwork
},
"required": false,
"title": "Discovered networks",
"type": "array"
},
"enabled": {
"default": true,
"description": "Enable, Disable or Graceful Disable determine if new or existing connections to the server are allowed. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Enabled",
"type": "boolean"
},
"external_orchestration_id": {
"description": "UID of server in external orchestration systems.",
"required": false,
"title": "External orchestration id",
"type": "string"
},
"external_uuid": {
"description": "UUID identifying VM in OpenStack and other external compute.",
"required": false,
"title": "External uuid",
"type": "string"
},
"hostname": {
"description": "DNS resolvable name of the server. May be used in place of the IP address.",
"required": false,
"title": "Hostname",
"type": "string"
},
"ip": {
"$ref": "ALBIpAddr,
"description": "IP Address of the server. Required if there is no resolvable host name.",
"required": true,
"title": "Ip"
},
"is_static": {
"default": false,
"description": "If statically learned. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Is static",
"type": "boolean"
},
"location": {
"$ref": "ALBGeoLocation,
"description": "(internal-use) Geographic location of the server.Currently only for internal usage. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Location"
},
"mac_address": {
"description": "MAC address of server.",
"required": false,
"title": "Mac address",
"type": "string"
},
"port": {
"description": "Optionally specify the servers port number. This will override the pool's default server port attribute. Allowed values are 1-65535. Special values are 0- 'use backend port in pool'.",
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Port",
"type": "integer"
},
"prst_hdr_val": {
"description": "Header value for custom header persistence.",
"required": false,
"title": "Prst hdr val",
"type": "string"
},
"ratio": {
"default": 1,
"description": "Ratio of selecting eligible servers in the pool. Allowed values are 1-20. Default value when not specified in API or module is interpreted by ALB Controller as 1.",
"maximum": 20,
"minimum": 1,
"required": false,
"title": "Ratio",
"type": "integer"
},
"resolve_server_by_dns": {
"default": false,
"description": "Auto resolve server's IP using DNS name. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Resolve server by dns",
"type": "boolean"
},
"rewrite_host_header": {
"default": false,
"description": "Rewrite incoming Host Header to server name. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Rewrite host header",
"type": "boolean"
},
"server_node": {
"description": "Hostname of the node where the server VM or container resides.",
"required": false,
"title": "Server node",
"type": "string"
},
"verify_network": {
"default": false,
"description": "Verify server belongs to a discovered network or reachable via a discovered network. Verify reachable network isn't the OpenStack management network. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Verify network",
"type": "boolean"
}
},
"title": "Server",
"type": "object"
}
ALBServerAutoScalePolicy (type)
{
"additionalProperties": false,
"description": "Advanced load balancer ServerAutoScalePolicy object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBServerAutoScalePolicy",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"delay_for_server_garbage_collection": {
"default": 0,
"description": "Delay in minutes after which a down server will be removed from Pool. Value 0 disables this functionality. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"required": false,
"title": "Delay for server garbage collection",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"intelligent_autoscale": {
"default": false,
"description": "Use Avi intelligent autoscale algorithm where autoscale is performed by comparing load on the pool against estimated capacity of all the servers. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Intelligent autoscale",
"type": "boolean"
},
"intelligent_scalein_margin": {
"default": 40,
"description": "Maximum extra capacity as percentage of load used by the intelligent scheme. Scalein is triggered when available capacity is more than this margin. Allowed values are 1-99. Default value when not specified in API or module is interpreted by ALB Controller as 40.",
"maximum": 99,
"minimum": 1,
"required": false,
"title": "Intelligent scalein margin",
"type": "integer"
},
"intelligent_scaleout_margin": {
"default": 20,
"description": "Minimum extra capacity as percentage of load used by the intelligent scheme. Scaleout is triggered when available capacity is less than this margin. Allowed values are 1-99. Default value when not specified in API or module is interpreted by ALB Controller as 20.",
"maximum": 99,
"minimum": 1,
"required": false,
"title": "Intelligent scaleout margin",
"type": "integer"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"max_scalein_adjustment_step": {
"default": 1,
"description": "Maximum number of servers to scalein simultaneously. The actual number of servers to scalein is chosen such that target number of servers is always more than or equal to the min_size. Default value when not specified in API or module is interpreted by ALB Controller as 1.",
"required": false,
"title": "Max scalein adjustment step",
"type": "integer"
},
"max_scaleout_adjustment_step": {
"default": 1,
"description": "Maximum number of servers to scaleout simultaneously. The actual number of servers to scaleout is chosen such that target number of servers is always less than or equal to the max_size. Default value when not specified in API or module is interpreted by ALB Controller as 1.",
"required": false,
"title": "Max scaleout adjustment step",
"type": "integer"
},
"max_size": {
"description": "Maximum number of servers after scaleout. Allowed values are 0-400.",
"maximum": 400,
"minimum": 0,
"required": false,
"title": "Max size",
"type": "integer"
},
"min_size": {
"description": "No scale-in happens once number of operationally up servers reach min_servers. Allowed values are 0-400.",
"maximum": 400,
"minimum": 0,
"required": false,
"title": "Min size",
"type": "integer"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"scalein_cooldown": {
"default": 300,
"description": "Cooldown period during which no new scalein is triggered to allow previous scalein to successfully complete. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 300.",
"required": false,
"title": "Scalein cooldown",
"type": "integer"
},
"scaleout_cooldown": {
"default": 300,
"description": "Cooldown period during which no new scaleout is triggered to allow previous scaleout to successfully complete. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 300.",
"required": false,
"title": "Scaleout cooldown",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"use_predicted_load": {
"default": false,
"description": "Use predicted load rather than current load. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Use predicted load",
"type": "boolean"
}
},
"title": "ServerAutoScalePolicy",
"type": "object"
}
ALBServerAutoScalePolicyApiResponse (type)
{
"additionalProperties": false,
"description": "ServerAutoScalePolicyApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBServerAutoScalePolicyApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of ServerAutoScalePolicy",
"items": {
"$ref": "ALBServerAutoScalePolicy
},
"required": false,
"title": "Array of ServerAutoScalePolicy",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "ServerAutoScalePolicyApiResponse",
"type": "object"
}
ALBService (type)
{
"additionalProperties": false,
"description": "Advanced load balancer Service object",
"id": "ALBService",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"enable_http2": {
"default": false,
"description": "Enable HTTP2 on this port. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Enable http2",
"type": "boolean"
},
"enable_ssl": {
"default": false,
"description": "Enable SSL termination and offload for traffic from clients. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Enable ssl",
"type": "boolean"
},
"override_application_profile_path": {
"description": "Enable application layer specific features for the this specific service. It is a reference to an object of type ApplicationProfile. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Override application profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBVirtualService"
],
"relationshipType": "ALB_VIRTUALSERVICE_ALB_APPLICATIONPROFILE_RELATIONSHIP",
"rightType": [
"ALBApplicationProfile"
]
}
]
},
"override_network_profile_path": {
"description": "Override the network profile for this specific service port. It is a reference to an object of type NetworkProfile.",
"required": false,
"title": "Override network profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBVirtualService"
],
"relationshipType": "ALB_VIRTUALSERVICE_ALB_NETWORKPROFILE_RELATIONSHIP",
"rightType": [
"ALBNetworkProfile"
]
}
]
},
"port": {
"description": "The Virtual Service's port number. Allowed values are 0-65535.",
"maximum": 65535,
"minimum": 0,
"required": true,
"title": "Port",
"type": "integer"
},
"port_range_end": {
"default": 0,
"description": "The end of the Virtual Service's port number range. Allowed values are 1-65535. Special values are 0- 'single port'. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Port range end",
"type": "integer"
}
},
"title": "Service",
"type": "object"
}
ALBServicePoolSelector (type)
{
"additionalProperties": false,
"description": "Advanced load balancer ServicePoolSelector object",
"id": "ALBServicePoolSelector",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"service_pool_group_path": {
"description": "It is a reference to an object of type PoolGroup.",
"required": false,
"title": "Service pool group path",
"type": "string"
},
"service_pool_path": {
"description": "It is a reference to an object of type Pool.",
"required": false,
"title": "Service pool path",
"type": "string"
},
"service_port": {
"description": "Pool based destination port. Allowed values are 1-65535.",
"maximum": 65535,
"minimum": 1,
"required": true,
"title": "Service port",
"type": "integer"
},
"service_port_range_end": {
"default": 0,
"description": "The end of the Service port number range. Allowed values are 1-65535. Special values are 0- 'single port'. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Service port range end",
"type": "integer"
},
"service_protocol": {
"$ref": "ALBProtocolType,
"description": "Destination protocol to match for the pool selection. If not specified, it will match any protocol. Enum options - PROTOCOL_TYPE_TCP_PROXY, PROTOCOL_TYPE_TCP_FAST_PATH, PROTOCOL_TYPE_UDP_FAST_PATH, PROTOCOL_TYPE_UDP_PROXY.",
"required": false,
"title": "Service protocol"
}
},
"title": "ServicePoolSelector",
"type": "object"
}
ALBSidebandProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer SidebandProfile object",
"id": "ALBSidebandProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"ip": {
"description": "IP Address of the sideband server.",
"items": {
"$ref": "ALBIpAddr
},
"required": false,
"title": "Ip",
"type": "array"
},
"sideband_max_request_body_size": {
"default": 1024,
"description": "Maximum size of the request body that will be sent on the sideband. Allowed values are 0-16384. Unit is BYTES. Default value when not specified in API or module is interpreted by ALB Controller as 1024.",
"maximum": 16384,
"minimum": 0,
"required": false,
"title": "Sideband max request body size",
"type": "integer"
}
},
"title": "SidebandProfile",
"type": "object"
}
ALBSipMonTransport (type)
{
"description": "Valid ENUM values for ALBSipMonTransport",
"enum": [
"SIP_UDP_PROTO",
"SIP_TCP_PROTO"
],
"id": "ALBSipMonTransport",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "SipMonTransport type",
"type": "string"
}
ALBSipRequestCode (type)
{
"description": "Valid ENUM values for ALBSipRequestCode",
"enum": [
"SIP_OPTIONS"
],
"id": "ALBSipRequestCode",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "SipRequestCode type",
"type": "string"
}
ALBSipServiceApplicationProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer SipServiceApplicationProfile object",
"id": "ALBSipServiceApplicationProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"transaction_timeout": {
"default": 32,
"description": "SIP transaction timeout in seconds. Allowed values are 2-512. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 32.",
"maximum": 512,
"minimum": 2,
"required": false,
"title": "Transaction timeout",
"type": "integer"
}
},
"title": "SipServiceApplicationProfile",
"type": "object"
}
ALBStreamingSyslogConfig (type)
{
"additionalProperties": false,
"description": "Advanced load balancer StreamingSyslogConfig object",
"id": "ALBStreamingSyslogConfig",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"facility": {
"default": 16,
"description": "Facility value, as defined in RFC5424, must be between 0 and 23 inclusive. Allowed values are 0-23. Default value when not specified in API or module is interpreted by ALB Controller as 16.",
"maximum": 23,
"minimum": 0,
"required": false,
"title": "Facility",
"type": "integer"
},
"filtered_log_severity": {
"default": 5,
"description": "Severity code, as defined in RFC5424, for filtered logs. This must be between 0 and 7 inclusive. Allowed values are 0-7. Default value when not specified in API or module is interpreted by ALB Controller as 5.",
"maximum": 7,
"minimum": 0,
"required": false,
"title": "Filtered log severity",
"type": "integer"
},
"hostname": {
"default": "AviVantage",
"description": "String to use as the hostname in the syslog messages. This string can contain only printable ASCII characters (hex 21 to hex 7E; no space allowed). Default value when not specified in API or module is interpreted by ALB Controller as AviVantage.",
"required": false,
"title": "Hostname",
"type": "string"
},
"non_significant_log_severity": {
"default": 6,
"description": "Severity code, as defined in RFC5424, for non-significant logs. This must be between 0 and 7 inclusive. Allowed values are 0-7. Default value when not specified in API or module is interpreted by ALB Controller as 6.",
"maximum": 7,
"minimum": 0,
"required": false,
"title": "Non significant log severity",
"type": "integer"
},
"significant_log_severity": {
"default": 4,
"description": "Severity code, as defined in RFC5424, for significant logs. This must be between 0 and 7 inclusive. Allowed values are 0-7. Default value when not specified in API or module is interpreted by ALB Controller as 4.",
"maximum": 7,
"minimum": 0,
"required": false,
"title": "Significant log severity",
"type": "integer"
}
},
"title": "StreamingSyslogConfig",
"type": "object"
}
ALBStringGroup (type)
{
"additionalProperties": false,
"description": "Advanced load balancer StringGroup object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBStringGroup",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"kv": {
"description": "Configure Key Value in the string group.",
"items": {
"$ref": "ALBKeyValue
},
"required": false,
"title": "Kv",
"type": "array"
},
"longest_match": {
"default": false,
"description": "Enable the longest match, default is the shortest match. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Longest match",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"type": {
"$ref": "ALBStringGroupType,
"default": "SG_TYPE_STRING",
"description": "Type of StringGroup. Enum options - SG_TYPE_STRING, SG_TYPE_KEYVAL. Default value when not specified in API or module is interpreted by ALB Controller as SG_TYPE_STRING.",
"required": true,
"title": "Type"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "StringGroup",
"type": "object"
}
ALBStringGroupApiResponse (type)
{
"additionalProperties": false,
"description": "StringGroupApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBStringGroupApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of StringGroup",
"items": {
"$ref": "ALBStringGroup
},
"required": false,
"title": "Array of StringGroup",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "StringGroupApiResponse",
"type": "object"
}
ALBStringGroupType (type)
{
"description": "Valid ENUM values for ALBStringGroupType",
"enum": [
"SG_TYPE_STRING",
"SG_TYPE_KEYVAL"
],
"id": "ALBStringGroupType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "StringGroupType type",
"type": "string"
}
ALBStringMatch (type)
{
"additionalProperties": false,
"description": "Advanced load balancer StringMatch object",
"id": "ALBStringMatch",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"match_criteria": {
"$ref": "ALBStringOperation,
"description": "Criterion to use for string matching the HTTP request. Enum options - BEGINS_WITH, DOES_NOT_BEGIN_WITH, CONTAINS, DOES_NOT_CONTAIN, ENDS_WITH, DOES_NOT_END_WITH, EQUALS, DOES_NOT_EQUAL, REGEX_MATCH, REGEX_DOES_NOT_MATCH. Allowed in Basic(Allowed values- BEGINS_WITH,DOES_NOT_BEGIN_WITH,CONTAINS,DOES_NOT_CONTAIN,ENDS_WITH,DOES_NOT_END_WITH,EQUALS,DOES_NOT_EQUAL) edition, Essentials(Allowed values- BEGINS_WITH,DOES_NOT_BEGIN_WITH,CONTAINS,DOES_NOT_CONTAIN,ENDS_WITH,DOES_NOT_END_WITH,EQUALS,DOES_NOT_EQUAL) edition, Enterprise edition.",
"required": true,
"title": "Match criteria"
},
"match_str": {
"description": "String value(s).",
"items": {
"type": "string"
},
"required": false,
"title": "Match str",
"type": "array"
},
"string_group_paths": {
"description": "path of the string group(s). It is a reference to an object of type StringGroup.",
"items": {
"type": "string"
},
"required": false,
"title": "String group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBAnalyticsProfile"
],
"relationshipType": "ALB_ANALYTICSPROFILE_ALB_STRINGGROUP_RELATIONSHIP",
"rightType": [
"ALBStringGroup"
]
},
{
"leftType": [
"ALBSSOPolicy"
],
"relationshipType": "ALB_SSOPOLICY_ALB_STRINGGROUP_RELATIONSHIP",
"rightType": [
"ALBStringGroup"
]
},
{
"leftType": [
"ALBVirtualService"
],
"relationshipType": "ALB_VIRTUALSERVICE_ALB_STRINGGROUP_RELATIONSHIP",
"rightType": [
"ALBStringGroup"
]
}
]
}
},
"title": "StringMatch",
"type": "object"
}
ALBStringOperation (type)
{
"description": "Valid ENUM values for ALBStringOperation",
"enum": [
"BEGINS_WITH",
"DOES_NOT_BEGIN_WITH",
"CONTAINS",
"DOES_NOT_CONTAIN",
"ENDS_WITH",
"DOES_NOT_END_WITH",
"EQUALS",
"DOES_NOT_EQUAL",
"REGEX_MATCH",
"REGEX_DOES_NOT_MATCH"
],
"id": "ALBStringOperation",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "StringOperation type",
"type": "string"
}
ALBTCPApplicationProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer TCPApplicationProfile object",
"id": "ALBTCPApplicationProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"pki_profile_path": {
"description": "Select the PKI profile to be associated with the Virtual Service. This profile defines the Certificate Authority and Revocation List. It is a reference to an object of type PKIProfile. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Pki profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBApplicationProfile"
],
"relationshipType": "ALB_APPLICATIONPROFILE_ALB_PKIPROFILE_RELATIONSHIP",
"rightType": [
"ALBPKIProfile"
]
}
]
},
"proxy_protocol_enabled": {
"default": false,
"description": "Enable/Disable the usage of proxy protocol to convey client connection information to the back-end servers. Valid only for L4 application profiles and TCP proxy. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Proxy protocol enabled",
"type": "boolean"
},
"proxy_protocol_version": {
"$ref": "ALBProxyProtocolVersion,
"default": "PROXY_PROTOCOL_VERSION_1",
"description": "Version of proxy protocol to be used to convey client connection information to the back-end servers. Enum options - PROXY_PROTOCOL_VERSION_1, PROXY_PROTOCOL_VERSION_2. Allowed in Basic(Allowed values- PROXY_PROTOCOL_VERSION_1) edition, Essentials(Allowed values- PROXY_PROTOCOL_VERSION_1) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as PROXY_PROTOCOL_VERSION_1.",
"required": false,
"title": "Proxy protocol version"
},
"ssl_client_certificate_mode": {
"$ref": "ALBSSLClientCertificateMode,
"default": "SSL_CLIENT_CERTIFICATE_NONE",
"description": "Specifies whether the client side verification is set to none, request or require. Enum options - SSL_CLIENT_CERTIFICATE_NONE, SSL_CLIENT_CERTIFICATE_REQUEST, SSL_CLIENT_CERTIFICATE_REQUIRE. Allowed in Basic(Allowed values- SSL_CLIENT_CERTIFICATE_NONE) edition, Essentials(Allowed values- SSL_CLIENT_CERTIFICATE_NONE) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as SSL_CLIENT_CERTIFICATE_NONE.",
"required": false,
"title": "Ssl client certificate mode"
}
},
"title": "TCPApplicationProfile",
"type": "object"
}
ALBTCPFastPathProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer TCPFastPathProfile object",
"id": "ALBTCPFastPathProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"dsr_profile": {
"$ref": "ALBDsrProfile,
"description": "DSR profile information. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Dsr profile"
},
"enable_syn_protection": {
"default": false,
"description": "When enabled, Avi will complete the 3-way handshake with the client before forwarding any packets to the server. This will protect the server from SYN flood and half open SYN connections. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Enable syn protection",
"type": "boolean"
},
"session_idle_timeout": {
"default": 300,
"description": "The amount of time (in sec) for which a connection needs to be idle before it is eligible to be deleted. Allowed values are 5-14400. Special values are 0 - 'infinite'. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 300.",
"maximum": 14400,
"minimum": 0,
"required": false,
"title": "Session idle timeout",
"type": "integer"
}
},
"title": "TCPFastPathProfile",
"type": "object"
}
ALBTCPProxyProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer TCPProxyProfile object",
"id": "ALBTCPProxyProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"aggressive_congestion_avoidance": {
"default": false,
"description": "Controls the our congestion window to send, normally it's 1 mss, If this option is turned on, we use 10 msses. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Aggressive congestion avoidance",
"type": "boolean"
},
"auto_window_growth": {
"default": true,
"description": "Controls whether the windows are static or supports autogrowth. Maximum that it can grow to is limited to 4MB. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Auto window growth",
"type": "boolean"
},
"automatic": {
"default": true,
"description": "Dynamically pick the relevant parameters for connections. Allowed in Basic(Allowed values- true) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Automatic",
"type": "boolean"
},
"cc_algo": {
"$ref": "ALBCongestionAlgo,
"default": "CC_ALGO_NEW_RENO",
"description": "Controls the congestion control algorithm we use. Enum options - CC_ALGO_NEW_RENO, CC_ALGO_CUBIC, CC_ALGO_HTCP. Default value when not specified in API or module is interpreted by ALB Controller as CC_ALGO_NEW_RENO.",
"required": false,
"title": "Cc algo"
},
"congestion_recovery_scaling_factor": {
"default": 2,
"description": "Congestion window scaling factor after recovery. Allowed values are 0-8. Default value when not specified in API or module is interpreted by ALB Controller as 2.",
"maximum": 8,
"minimum": 0,
"required": false,
"title": "Congestion recovery scaling factor",
"type": "integer"
},
"idle_connection_timeout": {
"default": 600,
"description": "The duration for keepalive probes or session idle timeout. Max value is 3600 seconds, min is 5. Set to 0 to allow infinite idle time. Allowed values are 5-14400. Special values are 0 - 'infinite'. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 600.",
"maximum": 14400,
"minimum": 0,
"required": false,
"title": "Idle connection timeout",
"type": "integer"
},
"idle_connection_type": {
"$ref": "ALBIdleConnectionType,
"default": "KEEP_ALIVE",
"description": "Controls the behavior of idle connections. Enum options - KEEP_ALIVE, CLOSE_IDLE. Default value when not specified in API or module is interpreted by ALB Controller as KEEP_ALIVE.",
"required": false,
"title": "Idle connection type"
},
"ignore_time_wait": {
"default": false,
"description": "A new SYN is accepted from the same 4-tuple even if there is already a connection in TIME_WAIT state. This is equivalent of setting Time Wait Delay to 0. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Ignore time wait",
"type": "boolean"
},
"ip_dscp": {
"default": 0,
"description": "Controls the value of the Differentiated Services Code Point field inserted in the IP header. This has two options Set to a specific value, or Pass Through, which uses the incoming DSCP value. Allowed values are 0-63. Special values are MAX - 'Passthrough'. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"maximum": 63,
"minimum": 0,
"required": false,
"title": "Ip dscp",
"type": "integer"
},
"keepalive_in_halfclose_state": {
"default": true,
"description": "Controls whether to keep the connection alive with keepalive messages in the TCP half close state. The interval for sending keepalive messages is 30s. If a timeout is already configured in the network profile, this will not override it. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Keepalive in halfclose state",
"type": "boolean"
},
"max_retransmissions": {
"default": 8,
"description": "The number of attempts at retransmit before closing the connection. Allowed values are 3-8. Default value when not specified in API or module is interpreted by ALB Controller as 8.",
"maximum": 8,
"minimum": 3,
"required": false,
"title": "Max retransmissions",
"type": "integer"
},
"max_segment_size": {
"description": "Maximum TCP segment size. Allowed values are 512-9000. Special values are 0 - 'Use Interface MTU'. Unit is BYTES.",
"maximum": 9000,
"minimum": 0,
"required": false,
"title": "Max segment size",
"type": "integer"
},
"max_syn_retransmissions": {
"default": 8,
"description": "The maximum number of attempts at retransmitting a SYN packet before giving up. Allowed values are 3-8. Default value when not specified in API or module is interpreted by ALB Controller as 8.",
"maximum": 8,
"minimum": 3,
"required": false,
"title": "Max syn retransmissions",
"type": "integer"
},
"min_rexmt_timeout": {
"description": "The minimum wait time (in millisec) to retransmit packet. Allowed values are 50-5000. Unit is MILLISECONDS.",
"maximum": 5000,
"minimum": 50,
"required": false,
"title": "Min rexmt timeout",
"type": "integer"
},
"nagles_algorithm": {
"default": false,
"description": "Consolidates small data packets to send clients fewer but larger packets. Adversely affects real time protocols such as telnet or SSH. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Nagles algorithm",
"type": "boolean"
},
"reassembly_queue_size": {
"default": 0,
"description": "Maximum number of TCP segments that can be queued for reassembly. Configuring this to 0 disables the feature and provides unlimited queuing. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"required": false,
"title": "Reassembly queue size",
"type": "integer"
},
"receive_window": {
"default": 64,
"description": "Size of the receive window. Allowed values are 2-65536. Unit is KB. Default value when not specified in API or module is interpreted by ALB Controller as 64.",
"maximum": 65536,
"minimum": 2,
"required": false,
"title": "Receive window",
"type": "integer"
},
"reorder_threshold": {
"description": "Controls the number of duplicate acks required to trigger retransmission. Setting a higher value reduces retransmission caused by packet reordering. A larger value is recommended in public cloud environments where packet reordering is quite common. The default value is 8 in public cloud platforms (AWS, Azure, GCP), and 3 in other environments. Allowed values are 1-100.",
"maximum": 100,
"minimum": 1,
"required": false,
"title": "Reorder threshold",
"type": "integer"
},
"slow_start_scaling_factor": {
"default": 1,
"description": "Congestion window scaling factor during slow start. Allowed values are 0-8. Default value when not specified in API or module is interpreted by ALB Controller as 1.",
"maximum": 8,
"minimum": 0,
"required": false,
"title": "Slow start scaling factor",
"type": "integer"
},
"time_wait_delay": {
"default": 2000,
"description": "The time (in millisec) to wait before closing a connection in the TIME_WAIT state. Allowed values are 500-2000. Special values are 0 - 'immediate'. Unit is MILLISECONDS. Default value when not specified in API or module is interpreted by ALB Controller as 2000.",
"maximum": 2000,
"minimum": 0,
"required": false,
"title": "Time wait delay",
"type": "integer"
},
"use_interface_mtu": {
"default": true,
"description": "Use the interface MTU to calculate the TCP max segment size. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Use interface mtu",
"type": "boolean"
}
},
"title": "TCPProxyProfile",
"type": "object"
}
ALBTacacsPlusAuthSettings (type)
{
"additionalProperties": false,
"description": "Advanced load balancer TacacsPlusAuthSettings object",
"id": "ALBTacacsPlusAuthSettings",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"authorization_attrs": {
"description": "TACACS+ authorization attribute value pairs.",
"items": {
"$ref": "ALBAuthTacacsPlusAttributeValuePair
},
"required": false,
"title": "Authorization attrs",
"type": "array"
},
"password": {
"description": "TACACS+ server shared secret.",
"required": false,
"sensitive": true,
"title": "Password",
"type": "string"
},
"port": {
"default": 49,
"description": "TACACS+ server listening port. Default value when not specified in API or module is interpreted by ALB Controller as 49.",
"required": false,
"title": "Port",
"type": "integer"
},
"server": {
"description": "TACACS+ server IP address or FQDN. Minimum of 1 items required.",
"items": {
"type": "string"
},
"required": true,
"title": "Server",
"type": "array"
},
"service": {
"$ref": "ALBAuthTacacsPlusService,
"default": "AUTH_TACACS_PLUS_SERVICE_LOGIN",
"description": "TACACS+ service. Enum options - AUTH_TACACS_PLUS_SERVICE_NONE, AUTH_TACACS_PLUS_SERVICE_LOGIN, AUTH_TACACS_PLUS_SERVICE_ENABLE, AUTH_TACACS_PLUS_SERVICE_PPP, AUTH_TACACS_PLUS_SERVICE_ARAP, AUTH_TACACS_PLUS_SERVICE_PT, AUTH_TACACS_PLUS_SERVICE_RCMD, AUTH_TACACS_PLUS_SERVICE_X25, AUTH_TACACS_PLUS_SERVICE_NASI, AUTH_TACACS_PLUS_SERVICE_FWPROXY. Default value when not specified in API or module is interpreted by ALB Controller as AUTH_TACACS_PLUS_SERVICE_LOGIN.",
"required": false,
"title": "Service"
}
},
"title": "TacacsPlusAuthSettings",
"type": "object"
}
ALBTag (type)
{
"additionalProperties": false,
"description": "Advanced load balancer Tag object",
"id": "ALBTag",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"type": {
"$ref": "ALBTagType,
"default": "USER_DEFINED",
"description": "Enum options - AVI_DEFINED, USER_DEFINED, VCENTER_DEFINED. Default value when not specified in API or module is interpreted by ALB Controller as USER_DEFINED.",
"required": false,
"title": "Type"
},
"value": {
"description": "value of Tag.",
"required": true,
"title": "Value",
"type": "string"
}
},
"title": "Tag",
"type": "object"
}
ALBTagType (type)
{
"description": "Valid ENUM values for ALBTagType",
"enum": [
"AVI_DEFINED",
"USER_DEFINED",
"VCENTER_DEFINED"
],
"id": "ALBTagType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "TagType type",
"type": "string"
}
ALBTrafficCloneProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer TrafficCloneProfile object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBTrafficCloneProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"clone_servers": {
"description": "Maximum of 10 items allowed.",
"items": {
"$ref": "ALBCloneServer
},
"required": false,
"title": "Clone servers",
"type": "array"
},
"cloud_name": {
"description": "It is a reference to an object of type Cloud.",
"required": false,
"title": "Cloud name",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"preserve_client_ip": {
"default": false,
"description": "Specifies if client IP needs to be preserved to clone destination. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Preserve client ip",
"type": "boolean"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "TrafficCloneProfile",
"type": "object"
}
ALBTrafficCloneProfileApiResponse (type)
{
"additionalProperties": false,
"description": "TrafficCloneProfileApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBTrafficCloneProfileApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of TrafficCloneProfile",
"items": {
"$ref": "ALBTrafficCloneProfile
},
"required": false,
"title": "Array of TrafficCloneProfile",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "TrafficCloneProfileApiResponse",
"type": "object"
}
ALBUDPFastPathProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer UDPFastPathProfile object",
"id": "ALBUDPFastPathProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"dsr_profile": {
"$ref": "ALBDsrProfile,
"description": "DSR profile information. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Dsr profile"
},
"per_pkt_loadbalance": {
"default": false,
"description": "When enabled, every UDP packet is considered a new transaction and may be load balanced to a different server. When disabled, packets from the same client source IP and port are sent to the same server. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Per pkt loadbalance",
"type": "boolean"
},
"session_idle_timeout": {
"default": 10,
"description": "The amount of time (in sec) for which a flow needs to be idle before it is deleted. Allowed values are 2-3600. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 10.",
"maximum": 3600,
"minimum": 2,
"required": false,
"title": "Session idle timeout",
"type": "integer"
},
"snat": {
"default": true,
"description": "When disabled, Source NAT will not be performed for all client UDP packets. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Snat",
"type": "boolean"
}
},
"title": "UDPFastPathProfile",
"type": "object"
}
ALBUDPProxyProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer UDPProxyProfile object",
"id": "ALBUDPProxyProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"session_idle_timeout": {
"default": 10,
"description": "The amount of time (in sec) for which a flow needs to be idle before it is deleted. Allowed values are 2-3600. Unit is SEC. Default value when not specified in API or module is interpreted by ALB Controller as 10.",
"maximum": 3600,
"minimum": 2,
"required": false,
"title": "Session idle timeout",
"type": "integer"
}
},
"title": "UDPProxyProfile",
"type": "object"
}
ALBURIParam (type)
{
"additionalProperties": false,
"description": "Advanced load balancer URIParam object",
"id": "ALBURIParam",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"tokens": {
"description": "Token config either for the URI components or a constant string. Minimum of 1 items required.",
"items": {
"$ref": "ALBURIParamToken
},
"required": true,
"title": "Tokens",
"type": "array"
},
"type": {
"$ref": "ALBURIParamType,
"description": "URI param type. Enum options - URI_PARAM_TYPE_TOKENIZED.",
"required": true,
"title": "Type"
}
},
"title": "URIParam",
"type": "object"
}
ALBURIParamQuery (type)
{
"additionalProperties": false,
"description": "Advanced load balancer URIParamQuery object",
"id": "ALBURIParamQuery",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"add_string": {
"description": "Concatenate a string to the query of the incoming request URI and then use it in the request URI going to the backend server.",
"required": false,
"title": "Add string",
"type": "string"
},
"keep_query": {
"default": true,
"description": "Use or drop the query of the incoming request URI in the request URI to the backend server. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Keep query",
"type": "boolean"
}
},
"title": "URIParamQuery",
"type": "object"
}
ALBURIParamToken (type)
{
"additionalProperties": false,
"description": "Advanced load balancer URIParamToken object",
"id": "ALBURIParamToken",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"end_index": {
"description": "Index of the ending token in the incoming URI. Allowed values are 0-65534. Special values are 65535 - 'end of string'.",
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "End index",
"type": "integer"
},
"start_index": {
"description": "Index of the starting token in the incoming URI.",
"required": false,
"title": "Start index",
"type": "integer"
},
"str_value": {
"description": "Constant string to use as a token.",
"required": false,
"title": "Str value",
"type": "string"
},
"type": {
"$ref": "ALBURITokenType,
"description": "Token type for constructing the URI. Enum options - URI_TOKEN_TYPE_HOST, URI_TOKEN_TYPE_PATH, URI_TOKEN_TYPE_STRING, URI_TOKEN_TYPE_STRING_GROUP, URI_TOKEN_TYPE_REGEX.",
"required": true,
"title": "Type"
}
},
"title": "URIParamToken",
"type": "object"
}
ALBURIParamType (type)
{
"description": "Valid ENUM values for ALBURIParamType",
"enum": [
"URI_PARAM_TYPE_TOKENIZED"
],
"id": "ALBURIParamType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "URIParamType type",
"type": "string"
}
ALBURITokenType (type)
{
"description": "Valid ENUM values for ALBURITokenType",
"enum": [
"URI_TOKEN_TYPE_HOST",
"URI_TOKEN_TYPE_PATH",
"URI_TOKEN_TYPE_STRING",
"URI_TOKEN_TYPE_STRING_GROUP",
"URI_TOKEN_TYPE_REGEX"
],
"id": "ALBURITokenType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "URITokenType type",
"type": "string"
}
ALBVSDataScript (type)
{
"additionalProperties": false,
"description": "Advanced load balancer VSDataScript object",
"id": "ALBVSDataScript",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"evt": {
"$ref": "ALBVSDataScriptEvent,
"description": "Event triggering execution of datascript. Enum options - VS_DATASCRIPT_EVT_HTTP_REQ, VS_DATASCRIPT_EVT_HTTP_RESP, VS_DATASCRIPT_EVT_HTTP_RESP_DATA, VS_DATASCRIPT_EVT_HTTP_LB_FAILED, VS_DATASCRIPT_EVT_HTTP_REQ_DATA, VS_DATASCRIPT_EVT_HTTP_RESP_FAILED, VS_DATASCRIPT_EVT_HTTP_LB_DONE, VS_DATASCRIPT_EVT_HTTP_AUTH, VS_DATASCRIPT_EVT_HTTP_POST_AUTH, VS_DATASCRIPT_EVT_TCP_CLIENT_ACCEPT, VS_DATASCRIPT_EVT_SSL_HANDSHAKE_DONE, VS_DATASCRIPT_EVT_DNS_REQ, VS_DATASCRIPT_EVT_DNS_RESP, VS_DATASCRIPT_EVT_L4_REQUEST, VS_DATASCRIPT_EVT_L4_RESPONSE, VS_DATASCRIPT_EVT_MAX. Allowed in Basic(Allowed values- VS_DATASCRIPT_EVT_HTTP_REQ) edition, Enterprise edition.",
"required": true,
"title": "Evt"
},
"script": {
"description": "Datascript to execute when the event triggers.",
"required": true,
"title": "Script",
"type": "string"
}
},
"title": "VSDataScript",
"type": "object"
}
ALBVSDataScriptEvent (type)
{
"description": "Valid ENUM values for ALBVSDataScriptEvent",
"enum": [
"VS_DATASCRIPT_EVT_HTTP_REQ",
"VS_DATASCRIPT_EVT_HTTP_RESP",
"VS_DATASCRIPT_EVT_HTTP_RESP_DATA",
"VS_DATASCRIPT_EVT_HTTP_LB_FAILED",
"VS_DATASCRIPT_EVT_HTTP_REQ_DATA",
"VS_DATASCRIPT_EVT_HTTP_RESP_FAILED",
"VS_DATASCRIPT_EVT_HTTP_LB_DONE",
"VS_DATASCRIPT_EVT_HTTP_AUTH",
"VS_DATASCRIPT_EVT_HTTP_POST_AUTH",
"VS_DATASCRIPT_EVT_TCP_CLIENT_ACCEPT",
"VS_DATASCRIPT_EVT_SSL_HANDSHAKE_DONE",
"VS_DATASCRIPT_EVT_DNS_REQ",
"VS_DATASCRIPT_EVT_DNS_RESP",
"VS_DATASCRIPT_EVT_L4_REQUEST",
"VS_DATASCRIPT_EVT_L4_RESPONSE",
"VS_DATASCRIPT_EVT_MAX"
],
"id": "ALBVSDataScriptEvent",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "VSDataScriptEvent type",
"type": "string"
}
ALBVSDataScriptSet (type)
{
"additionalProperties": false,
"description": "Advanced load balancer VSDataScriptSet object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBVSDataScriptSet",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"created_by": {
"description": "Creator name.",
"required": false,
"title": "Created by",
"type": "string"
},
"datascript": {
"description": "DataScripts to execute.",
"items": {
"$ref": "ALBVSDataScript
},
"required": false,
"title": "Datascript",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ipgroup_paths": {
"description": "path of IP Groups that could be referred by VSDataScriptSet objects. It is a reference to an object of type IpAddrGroup.",
"items": {
"type": "string"
},
"required": false,
"title": "Ipgroup paths",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pool_group_paths": {
"description": "path of pool groups that could be referred by VSDataScriptSet objects. It is a reference to an object of type PoolGroup.",
"items": {
"type": "string"
},
"required": false,
"title": "Pool group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBVSDataScriptSet"
],
"relationshipType": "ALB_VSDATASCRIPTSET_ALB_POOLGROUP_RELATIONSHIP",
"rightType": [
"ALBPoolGroup"
]
}
]
},
"pool_paths": {
"description": "path of pools that could be referred by VSDataScriptSet objects. It is a reference to an object of type Pool.",
"items": {
"type": "string"
},
"required": false,
"title": "Pool paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBVSDataScriptSet"
],
"relationshipType": "ALB_VSDATASCRIPTSET_ALB_POOL_RELATIONSHIP",
"rightType": [
"ALBPool"
]
}
]
},
"protocol_parser_paths": {
"description": "List of protocol parsers that could be referred by VSDataScriptSet objects. It is a reference to an object of type ProtocolParser. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"type": "string"
},
"required": false,
"title": "Protocol parser paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBVSDataScriptSet"
],
"relationshipType": "ALB_VSDATASCRIPTSET_ALB_PROTOCOLPARSER_RELATIONSHIP",
"rightType": [
"ALBProtocolParser"
]
}
]
},
"rate_limiters": {
"description": "The Rate Limit definitions needed for this DataScript. The name is composed of the Virtual Service name and the DataScript name. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRateLimiter
},
"required": false,
"title": "Rate limiters",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"string_group_paths": {
"description": "path of String Groups that could be referred by VSDataScriptSet objects. It is a reference to an object of type StringGroup.",
"items": {
"type": "string"
},
"required": false,
"title": "String group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBVSDataScriptSet"
],
"relationshipType": "ALB_VSDATASCRIPTSET_ALB_STRINGGROUP_RELATIONSHIP",
"rightType": [
"ALBStringGroup"
]
}
]
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "VSDataScriptSet",
"type": "object"
}
ALBVSDataScriptSetApiResponse (type)
{
"additionalProperties": false,
"description": "VSDataScriptSetApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBVSDataScriptSetApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of VSDataScriptSet",
"items": {
"$ref": "ALBVSDataScriptSet
},
"required": false,
"title": "Array of VSDataScriptSet",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "VSDataScriptSetApiResponse",
"type": "object"
}
ALBVSDataScripts (type)
{
"additionalProperties": false,
"description": "Advanced load balancer VSDataScripts object",
"id": "ALBVSDataScripts",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"index": {
"description": "Index of the virtual service datascript collection.",
"required": true,
"title": "Index",
"type": "integer"
},
"vs_datascript_set_path": {
"description": "path of the virtual service datascript collection. It is a reference to an object of type VSDataScriptSet.",
"required": true,
"title": "Vs datascript set path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBVirtualService"
],
"relationshipType": "ALB_VIRTUALSERVICE_ALB_VSDATASCRIPTSET_RELATIONSHIP",
"rightType": [
"ALBVSDataScriptSet"
]
}
]
}
},
"title": "VSDataScripts",
"type": "object"
}
ALBVip (type)
{
"additionalProperties": false,
"description": "Advanced load balancer Vip object",
"id": "ALBVip",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"auto_allocate_floating_ip": {
"default": false,
"description": "Auto-allocate floating/elastic IP from the Cloud infrastructure. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Auto allocate floating ip",
"type": "boolean"
},
"auto_allocate_ip": {
"default": false,
"description": "Auto-allocate VIP from the provided subnet. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Auto allocate ip",
"type": "boolean"
},
"auto_allocate_ip_type": {
"$ref": "ALBIpAddressVersions,
"default": "V4_ONLY",
"description": "Specifies whether to auto-allocate only a V4 address, only a V6 address, or one of each type. Enum options - V4_ONLY, V6_ONLY, V4_V6. Allowed in Basic(Allowed values- V4_ONLY) edition, Essentials(Allowed values- V4_ONLY) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as V4_ONLY.",
"required": false,
"title": "Auto allocate ip type"
},
"availability_zone": {
"description": "Availability-zone to place the Virtual Service. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Availability zone",
"type": "string"
},
"avi_allocated_fip": {
"default": false,
"description": "(internal-use) FIP allocated by Avi in the Cloud infrastructure. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Avi allocated fip",
"type": "boolean"
},
"avi_allocated_vip": {
"default": false,
"description": "(internal-use) VIP allocated by Avi in the Cloud infrastructure. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Avi allocated vip",
"type": "boolean"
},
"discovered_networks": {
"description": "Discovered networks providing reachability for client facing Vip IP.",
"items": {
"$ref": "ALBDiscoveredNetwork
},
"required": false,
"title": "Discovered networks",
"type": "array"
},
"enabled": {
"default": true,
"description": "Enable or disable the Vip. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Enabled",
"type": "boolean"
},
"floating_ip": {
"$ref": "ALBIpAddr,
"description": "Floating IPv4 to associate with this Vip. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Floating ip"
},
"floating_ip6": {
"$ref": "ALBIpAddr,
"description": "Floating IPv6 address to associate with this Vip. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Floating ip6"
},
"floating_subnet6_uuid": {
"description": "If auto_allocate_floating_ip is True and more than one floating-ip subnets exist, then the subnet for the floating IPv6 address allocation. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Floating subnet6 uuid",
"type": "string"
},
"floating_subnet_uuid": {
"description": "If auto_allocate_floating_ip is True and more than one floating-ip subnets exist, then the subnet for the floating IP address allocation. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Floating subnet uuid",
"type": "string"
},
"ip6_address": {
"$ref": "ALBIpAddr,
"description": "IPv6 Address of the Vip.",
"required": false,
"title": "Ip6 address"
},
"ip_address": {
"$ref": "ALBIpAddr,
"description": "IPv4 Address of the VIP.",
"required": false,
"title": "Ip address"
},
"ipam_network_subnet": {
"$ref": "ALBIPNetworkSubnet,
"description": "Subnet and/or Network for allocating VirtualService IP by IPAM Provider module.",
"required": false,
"title": "Ipam network subnet"
},
"network_name": {
"description": "Manually override the network on which the Vip is placed. It is a reference to an object of type Network.",
"required": false,
"title": "Network name",
"type": "string"
},
"placement_networks": {
"description": "Placement networks/subnets to use for vip placement. Maximum of 10 items allowed.",
"items": {
"$ref": "ALBVipPlacementNetwork
},
"required": false,
"title": "Placement networks",
"type": "array"
},
"port_uuid": {
"description": "(internal-use) Network port assigned to the Vip IP address.",
"required": false,
"title": "Port uuid",
"type": "string"
},
"prefix_length": {
"default": 32,
"description": "Mask applied for the Vip, non-default mask supported only for wildcard Vip. Allowed values are 0-32. Allowed in Basic(Allowed values- 32) edition, Essentials(Allowed values- 32) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 32.",
"maximum": 32,
"minimum": 0,
"required": false,
"title": "Prefix length",
"type": "integer"
},
"subnet": {
"$ref": "ALBIpAddrPrefix,
"description": "Subnet providing reachability for client facing Vip IP.",
"required": false,
"title": "Subnet"
},
"subnet6": {
"$ref": "ALBIpAddrPrefix,
"description": "Subnet providing reachability for client facing Vip IPv6. Allowed in Essentials edition, Enterprise edition.",
"required": false,
"title": "Subnet6"
},
"subnet6_uuid": {
"description": "If auto_allocate_ip is True, then the subnet for the Vip IPv6 address allocation. This field is applicable only if the VirtualService belongs to an Openstack or AWS cloud, in which case it is mandatory, if auto_allocate is selected. Allowed in Essentials edition, Enterprise edition.",
"required": false,
"title": "Subnet6 uuid",
"type": "string"
},
"subnet_uuid": {
"description": "If auto_allocate_ip is True, then the subnet for the Vip IP address allocation. This field is applicable only if the VirtualService belongs to an Openstack or AWS cloud, in which case it is mandatory, if auto_allocate is selected.",
"required": false,
"title": "Subnet uuid",
"type": "string"
},
"vip_id": {
"description": "Unique ID associated with the vip.",
"required": true,
"title": "Vip id",
"type": "string"
}
},
"title": "Vip",
"type": "object"
}
ALBVipPlacementNetwork (type)
{
"additionalProperties": false,
"description": "Advanced load balancer VipPlacementNetwork object",
"id": "ALBVipPlacementNetwork",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"network_name": {
"description": "Network to use for vip placement. It is a reference to an object of type Network.",
"required": false,
"title": "Network name",
"type": "string"
},
"subnet": {
"$ref": "ALBIpAddrPrefix,
"description": "IPv4 Subnet to use for vip placement.",
"required": false,
"title": "Subnet"
},
"subnet6": {
"$ref": "ALBIpAddrPrefix,
"description": "IPv6 subnet to use for vip placement.",
"required": false,
"title": "Subnet6"
}
},
"title": "VipPlacementNetwork",
"type": "object"
}
ALBVirtualService (type)
{
"additionalProperties": false,
"description": "Advanced load balancer VirtualService object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBVirtualService",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"active_standby_se_tag": {
"$ref": "ALBActiveStandbySeTag,
"default": "ACTIVE_STANDBY_SE_1",
"description": "This configuration only applies if the VirtualService is in Legacy Active Standby HA mode and Load Distribution among Active Standby is enabled. This field is used to tag the VirtualService so that VirtualServices with the same tag will share the same Active ServiceEngine. VirtualServices with different tags will have different Active ServiceEngines. If one of the ServiceEngine's in the ServiceEngineGroup fails, all VirtualServices will end up using the same Active ServiceEngine. Redistribution of the VirtualServices can be either manual or automated when the failed ServiceEngine recovers. Redistribution is based on the auto redistribute property of the ServiceEngineGroup. Enum options - ACTIVE_STANDBY_SE_1, ACTIVE_STANDBY_SE_2. Default value when not specified in API or module is interpreted by ALB Controller as ACTIVE_STANDBY_SE_1.",
"required": false,
"title": "Active standby se tag"
},
"advertise_down_vs": {
"default": false,
"description": "Keep advertising Virtual Service via BGP even if it is marked down by health monitor. This setting takes effect for future Virtual Service flaps. To advertise current VSes that are down, please disable and re-enable the Virtual Service. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Advertise down vs",
"type": "boolean"
},
"allow_invalid_client_cert": {
"default": false,
"description": "Process request even if invalid client certificate is presented. Datascript APIs need to be used for processing of such requests. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Allow invalid client cert",
"type": "boolean"
},
"analytics_policy": {
"$ref": "ALBAnalyticsPolicy,
"description": "Determines analytics settings for the application.",
"required": false,
"title": "Analytics policy"
},
"analytics_profile_path": {
"description": "Specifies settings related to analytics. It is a reference to an object of type AnalyticsProfile.",
"required": false,
"title": "Analytics profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBVirtualService"
],
"relationshipType": "ALB_VIRTUALSERVICE_ALB_ANALYTICSPROFILE_RELATIONSHIP",
"rightType": [
"ALBAnalyticsProfile"
]
}
]
},
"apic_contract_graph": {
"description": "The name of the Contract/Graph associated with the Virtual Service. Should be in the <Contract name> <Graph name> format. This is applicable only for Service Integration mode with Cisco APIC Controller. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Apic contract graph",
"type": "string"
},
"application_profile_path": {
"description": "Enable application layer specific features for the Virtual Service. It is a reference to an object of type ApplicationProfile. Special default for Essentials edition is System-L4-Application.",
"required": false,
"title": "Application profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBVirtualService"
],
"relationshipType": "ALB_VIRTUALSERVICE_ALB_APPLICATIONPROFILE_RELATIONSHIP",
"rightType": [
"ALBApplicationProfile"
]
}
]
},
"azure_availability_set": {
"description": "(internal-use)Applicable for Azure only. Azure Availability set to which this VS is associated. Internally set by the cloud connector.",
"required": false,
"title": "Azure availability set",
"type": "string"
},
"bgp_peer_labels": {
"description": "Select BGP peers, using peer label, for VsVip advertisement. Maximum of 128 items allowed.",
"items": {
"type": "string"
},
"required": false,
"title": "Bgp peer labels",
"type": "array"
},
"bulk_sync_kvcache": {
"default": false,
"description": "(This is a beta feature). Sync Key-Value cache to the new SEs when VS is scaled out. For ex SSL sessions are stored using VS's Key-Value cache. When the VS is scaled out, the SSL session information is synced to the new SE, allowing existing SSL sessions to be reused on the new SE. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Bulk sync kvcache",
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"client_auth": {
"$ref": "ALBHTTPClientAuthenticationParams,
"description": "HTTP authentication configuration for protected resources.",
"required": false,
"title": "Client auth"
},
"close_client_conn_on_config_update": {
"default": false,
"description": "close client connection on vs config update. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Close client conn on config update",
"type": "boolean"
},
"cloud_config_cksum": {
"description": "Checksum of cloud configuration for VS. Internally set by cloud connector.",
"required": false,
"title": "Cloud config cksum",
"type": "string"
},
"cloud_name": {
"description": "It is a reference to an object of type Cloud.",
"required": false,
"title": "Cloud name",
"type": "string"
},
"cloud_type": {
"$ref": "ALBCloudType,
"default": "CLOUD_NONE",
"description": "Enum options - CLOUD_NONE, CLOUD_VCENTER, CLOUD_OPENSTACK, CLOUD_AWS, CLOUD_VCA, CLOUD_APIC, CLOUD_MESOS, CLOUD_LINUXSERVER, CLOUD_DOCKER_UCP, CLOUD_RANCHER, CLOUD_OSHIFT_K8S, CLOUD_AZURE, CLOUD_GCP, CLOUD_NSXT. Allowed in Basic(Allowed values- CLOUD_NONE,CLOUD_NSXT) edition, Essentials(Allowed values- CLOUD_NONE,CLOUD_VCENTER) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as CLOUD_NONE.",
"required": false,
"title": "Cloud type"
},
"connections_rate_limit": {
"$ref": "ALBRateProfile,
"description": "Rate limit the incoming connections to this virtual service.",
"required": false,
"title": "Connections rate limit"
},
"content_rewrite": {
"$ref": "ALBContentRewriteProfile,
"description": "Profile used to match and rewrite strings in request and/or response body.",
"required": false,
"title": "Content rewrite"
},
"created_by": {
"description": "Creator name.",
"required": false,
"title": "Created by",
"type": "string"
},
"delay_fairness": {
"default": false,
"description": "Select the algorithm for QoS fairness. This determines how multiple Virtual Services sharing the same Service Engines will prioritize traffic over a congested network. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Delay fairness",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dns_info": {
"description": "Service discovery specific data including fully qualified domain name, type and Time-To-Live of the DNS record. Note that only one of fqdn and dns_info setting is allowed. Maximum of 1000 items allowed.",
"items": {
"$ref": "ALBDnsInfo
},
"required": false,
"title": "Dns info",
"type": "array"
},
"dns_policies": {
"description": "DNS Policies applied on the dns traffic of the Virtual Service. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBDnsPolicies
},
"required": false,
"title": "Dns policies",
"type": "array"
},
"east_west_placement": {
"default": false,
"description": "Force placement on all SE's in service group (Mesos mode only). Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "East west placement",
"type": "boolean"
},
"enable_autogw": {
"default": false,
"description": "Response traffic to clients will be sent back to the source MAC address of the connection, rather than statically sent to a default gateway. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Special default for Basic edition is false, Essentials edition is false, Enterprise is True. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Enable autogw",
"type": "boolean"
},
"enable_rhi": {
"description": "Enable Route Health Injection using the BGP Config in the vrf context.",
"required": false,
"title": "Enable rhi",
"type": "boolean"
},
"enable_rhi_snat": {
"description": "Enable Route Health Injection for Source NAT'ted floating IP Address using the BGP Config in the vrf context.",
"required": false,
"title": "Enable rhi snat",
"type": "boolean"
},
"enabled": {
"default": true,
"description": "Enable or disable the Virtual Service. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Enabled",
"type": "boolean"
},
"error_page_profile_path": {
"description": "Error Page Profile to be used for this virtualservice.This profile is used to send the custom error page to the client generated by the proxy. It is a reference to an object of type ErrorPageProfile. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Error page profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBVirtualService"
],
"relationshipType": "ALB_VIRTUALSERVICE_ALB_ERRORPAGEPROFILE_RELATIONSHIP",
"rightType": [
"ALBErrorPageProfile"
]
}
]
},
"flow_dist": {
"$ref": "ALBSeFlowDist,
"default": "LOAD_AWARE",
"description": "Criteria for flow distribution among SEs. Enum options - LOAD_AWARE, CONSISTENT_HASH_SOURCE_IP_ADDRESS, CONSISTENT_HASH_SOURCE_IP_ADDRESS_AND_PORT. Allowed in Basic(Allowed values- LOAD_AWARE) edition, Essentials(Allowed values- LOAD_AWARE) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as LOAD_AWARE.",
"required": false,
"title": "Flow dist"
},
"flow_label_type": {
"$ref": "ALBFlowLabelType,
"default": "NO_LABEL",
"description": "Criteria for flow labelling. Enum options - NO_LABEL, APPLICATION_LABEL, SERVICE_LABEL. Default value when not specified in API or module is interpreted by ALB Controller as NO_LABEL.",
"required": false,
"title": "Flow label type"
},
"fqdn": {
"description": "DNS resolvable, fully qualified domain name of the virtualservice. Only one of 'fqdn' and 'dns_info' configuration is allowed.",
"required": false,
"title": "Fqdn",
"type": "string"
},
"group_paths": {
"description": "A list of NSX Groups representing the Clients which can access the Virtual IP of the Virtual Service.",
"items": {
"type": "string"
},
"required": false,
"title": "Group paths",
"type": "array"
},
"host_name_xlate": {
"description": "Translate the host name sent to the servers to this value. Translate the host name sent from servers back to the value used by the client.",
"required": false,
"title": "Host name xlate",
"type": "string"
},
"http_policies": {
"description": "HTTP Policies applied on the data traffic of the Virtual Service.",
"items": {
"$ref": "ALBHTTPPolicies
},
"required": false,
"title": "Http policies",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ign_pool_net_reach": {
"default": false,
"description": "Ignore Pool servers network reachability constraints for Virtual Service placement. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Ign pool net reach",
"type": "boolean"
},
"l4_policies": {
"description": "L4 Policies applied to the data traffic of the Virtual Service.",
"items": {
"$ref": "ALBL4Policies
},
"required": false,
"title": "L4 policies",
"type": "array"
},
"limit_doser": {
"default": false,
"description": "Limit potential DoS attackers who exceed max_cps_per_client significantly to a fraction of max_cps_per_client for a while. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Limit doser",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"max_cps_per_client": {
"default": 0,
"description": "Maximum connections per second per client IP. Allowed values are 10-1000. Special values are 0- 'unlimited'. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"maximum": 1000,
"minimum": 0,
"required": false,
"title": "Max cps per client",
"type": "integer"
},
"min_pools_up": {
"description": "Minimum number of UP pools to mark VS up.",
"required": false,
"title": "Min pools up",
"type": "integer"
},
"network_profile_path": {
"description": "Determines network settings such as protocol, TCP or UDP, and related options for the protocol. It is a reference to an object of type NetworkProfile. Special default for Essentials edition is System-TCP-Fast-Path.",
"required": false,
"title": "Network profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBVirtualService"
],
"relationshipType": "ALB_VIRTUALSERVICE_ALB_NETWORKPROFILE_RELATIONSHIP",
"rightType": [
"ALBNetworkProfile"
]
}
]
},
"network_security_policy_path": {
"description": "Network security policies for the Virtual Service. It is a reference to an object of type NetworkSecurityPolicy.",
"required": false,
"title": "Network security policy path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBVirtualService"
],
"relationshipType": "ALB_VIRTUALSERVICE_ALB_NETWORKSECURITYPOLICY_RELATIONSHIP",
"rightType": [
"ALBNetworkSecurityPolicy"
]
}
]
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"performance_limits": {
"$ref": "ALBPerformanceLimits,
"description": "Optional settings that determine performance limits like max connections or bandwdith etc.",
"required": false,
"title": "Performance limits"
},
"pool_group_path": {
"description": "The pool group is an object that contains pools. It is a reference to an object of type PoolGroup.",
"required": false,
"title": "Pool group path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBVirtualService"
],
"relationshipType": "ALB_VIRTUALSERVICE_ALB_POOLGROUP_RELATIONSHIP",
"rightType": [
"ALBPoolGroup"
]
}
]
},
"pool_path": {
"description": "The pool is an object that contains destination servers and related attributes such as load-balancing and persistence. It is a reference to an object of type Pool.",
"required": false,
"title": "Pool path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBVirtualService"
],
"relationshipType": "ALB_VIRTUALSERVICE_ALB_POOL_RELATIONSHIP",
"rightType": [
"ALBPool"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remove_listening_port_on_vs_down": {
"default": false,
"description": "Remove listening port if VirtualService is down. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Remove listening port on vs down",
"type": "boolean"
},
"requests_rate_limit": {
"$ref": "ALBRateProfile,
"description": "Rate limit the incoming requests to this virtual service.",
"required": false,
"title": "Requests rate limit"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"saml_sp_config": {
"$ref": "ALBSAMLSPConfig,
"description": "Application-specific SAML config. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Saml sp config"
},
"se_group_name": {
"description": "The Service Engine Group to use for this Virtual Service. Moving to a new SE Group is disruptive to existing connections for this VS. It is a reference to an object of type ServiceEngineGroup.",
"required": false,
"title": "Se group name",
"type": "string"
},
"security_policy_path": {
"description": "Security policy applied on the traffic of the Virtual Service. This policy is used to perform security actions such as Distributed Denial of Service (DDoS) attack mitigation, etc. It is a reference to an object of type SecurityPolicy. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Security policy path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBVirtualService"
],
"relationshipType": "ALB_VIRTUALSERVICE_ALB_SECURITYPOLICY_RELATIONSHIP",
"rightType": [
"ALBSecurityPolicy"
]
}
]
},
"server_network_profile_path": {
"description": "Determines the network settings profile for the server side of TCP proxied connections. Leave blank to use the same settings as the client to VS side of the connection. It is a reference to an object of type NetworkProfile.",
"required": false,
"title": "Server network profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBVirtualService"
],
"relationshipType": "ALB_VIRTUALSERVICE_ALB_NETWORKPROFILE_RELATIONSHIP",
"rightType": [
"ALBNetworkProfile"
]
}
]
},
"service_metadata": {
"description": "Metadata pertaining to the Service provided by this virtual service. In Openshift/Kubernetes environments, egress pod info is stored. Any user input to this field will be overwritten by Avi Vantage.",
"required": false,
"title": "Service metadata",
"type": "string"
},
"service_pool_select": {
"description": "Select pool based on destination port.",
"items": {
"$ref": "ALBServicePoolSelector
},
"required": false,
"title": "Service pool select",
"type": "array"
},
"services": {
"description": "List of Services defined for this Virtual Service. Maximum of 2048 items allowed.",
"items": {
"$ref": "ALBService
},
"required": false,
"title": "Services",
"type": "array"
},
"sideband_profile": {
"$ref": "ALBSidebandProfile,
"description": "Sideband configuration to be used for this virtualservice.It can be used for sending traffic to sideband VIPs for external inspection etc.",
"required": false,
"title": "Sideband profile"
},
"snat_ip": {
"description": "NAT'ted floating source IP Address(es) for upstream connection to servers. Maximum of 32 items allowed.",
"items": {
"$ref": "ALBIpAddr
},
"required": false,
"title": "Snat ip",
"type": "array"
},
"sp_pool_paths": {
"description": "GSLB pools used to manage site-persistence functionality. Each site-persistence pool contains the virtualservices in all the other sites, that is auto-generated by the GSLB manager. This is a read-only field for the user. It is a reference to an object of type Pool.",
"items": {
"type": "string"
},
"required": false,
"title": "Sp pool paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBVirtualService"
],
"relationshipType": "ALB_VIRTUALSERVICE_ALB_POOL_RELATIONSHIP",
"rightType": [
"ALBPool"
]
}
]
},
"ssl_key_and_certificate_paths": {
"description": "Select or create one or two certificates, EC and/or RSA, that will be presented to SSL/TLS terminated connections. It is a reference to an object of type SSLKeyAndCertificate.",
"items": {
"type": "string"
},
"required": false,
"title": "Ssl key and certificate paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBVirtualService"
],
"relationshipType": "ALB_VIRTUALSERVICE_ALB_SSLKEYANDCERTIFICATE_RELATIONSHIP",
"rightType": [
"ALBSSLKeyAndCertificate"
]
}
]
},
"ssl_profile_path": {
"description": "Determines the set of SSL versions and ciphers to accept for SSL/TLS terminated connections. It is a reference to an object of type SSLProfile.",
"required": false,
"title": "Ssl profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBVirtualService"
],
"relationshipType": "ALB_VIRTUALSERVICE_ALB_SSLPROFILE_RELATIONSHIP",
"rightType": [
"ALBSSLProfile"
]
}
]
},
"ssl_profile_selectors": {
"description": "Select SSL Profile based on client IP address match. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBSSLProfileSelector
},
"required": false,
"title": "Ssl profile selectors",
"type": "array"
},
"ssl_sess_cache_avg_size": {
"default": 1024,
"description": "Expected number of SSL session cache entries (may be exceeded). Allowed values are 1024-16383. Default value when not specified in API or module is interpreted by ALB Controller as 1024.",
"maximum": 16383,
"minimum": 1024,
"required": false,
"title": "Ssl sess cache avg size",
"type": "integer"
},
"sso_policy_path": {
"description": "The SSO Policy attached to the virtualservice. It is a reference to an object of type SSOPolicy. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Sso policy path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBVirtualService"
],
"relationshipType": "ALB_VIRTUALSERVICE_ALB_SSOPOLICY_RELATIONSHIP",
"rightType": [
"ALBSSOPolicy"
]
}
]
},
"static_dns_records": {
"description": "List of static DNS records applied to this Virtual Service. These are static entries and no health monitoring is performed against the IP addresses. Maximum of 1000 items allowed.",
"items": {
"$ref": "ALBDnsRecord
},
"required": false,
"title": "Static dns records",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"topology_policies": {
"description": "Topology Policies applied on the dns traffic of the Virtual Service based onGSLB Topology algorithm. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBDnsPolicies
},
"required": false,
"title": "Topology policies",
"type": "array"
},
"traffic_clone_profile_path": {
"description": "Server network or list of servers for cloning traffic. It is a reference to an object of type TrafficCloneProfile. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Traffic clone profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBVirtualService"
],
"relationshipType": "ALB_VIRTUALSERVICE_ALB_TRAFFICCLONEPROFILE_RELATIONSHIP",
"rightType": [
"ALBTrafficCloneProfile"
]
}
]
},
"traffic_enabled": {
"default": true,
"description": "Knob to enable the Virtual Service traffic on its assigned service engines. This setting is effective only when the enabled flag is set to True. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Traffic enabled",
"type": "boolean"
},
"type": {
"$ref": "ALBVirtualServiceType,
"default": "VS_TYPE_NORMAL",
"description": "Specify if this is a normal Virtual Service, or if it is the parent or child of an SNI-enabled virtual hosted Virtual Service. Enum options - VS_TYPE_NORMAL, VS_TYPE_VH_PARENT, VS_TYPE_VH_CHILD. Allowed in Basic(Allowed values- VS_TYPE_NORMAL,VS_TYPE_VH_PARENT) edition, Essentials(Allowed values- VS_TYPE_NORMAL) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as VS_TYPE_NORMAL.",
"required": false,
"title": "Type"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"use_bridge_ip_as_vip": {
"default": false,
"description": "Use Bridge IP as VIP on each Host in Mesos deployments. Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Use bridge ip as vip",
"type": "boolean"
},
"use_vip_as_snat": {
"default": false,
"description": "Use the Virtual IP as the SNAT IP for health monitoring and sending traffic to the backend servers instead of the Service Engine interface IP. The caveat of enabling this option is that the VirtualService cannot be configured in an Active-Active HA mode. DNS based Multi VIP solution has to be used for HA & Non-disruptive Upgrade purposes. Allowed in Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Use vip as snat",
"type": "boolean"
},
"vh_domain_name": {
"description": "The exact name requested from the client's SNI-enabled TLS hello domain name field. If this is a match, the parent VS will forward the connection to this child VS.",
"items": {
"type": "string"
},
"required": false,
"title": "Vh domain name",
"type": "array"
},
"vh_parent_vs_uuid": {
"description": "Specifies the Virtual Service acting as Virtual Hosting (SNI) parent.",
"required": false,
"title": "Vh parent vs uuid",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBVirtualService"
],
"relationshipType": "ALB_VIRTUALSERVICE_ALB_VIRTUALSERVICE_RELATIONSHIP",
"rightType": [
"ALBVirtualService"
]
}
]
},
"vip": {
"description": "List of Virtual Service IPs. While creating a 'Shared VS',please use vsvip_ref to point to the shared entities.",
"items": {
"$ref": "ALBVip
},
"required": false,
"title": "Vip",
"type": "array"
},
"vrf_context_name": {
"description": "Virtual Routing Context that the Virtual Service is bound to. This is used to provide the isolation of the set of networks the application is attached to. It is a reference to an object of type VrfContext.",
"required": false,
"title": "Vrf context name",
"type": "string"
},
"vs_datascripts": {
"description": "Datascripts applied on the data traffic of the Virtual Service.",
"items": {
"$ref": "ALBVSDataScripts
},
"required": false,
"title": "Vs datascripts",
"type": "array"
},
"vsvip_path": {
"description": "Mostly used during the creation of Shared VS, this field refers to entities that can be shared across Virtual Services. It is a reference to an object of type VsVip.",
"required": false,
"title": "Vsvip path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBVirtualService"
],
"relationshipType": "ALB_VIRTUALSERVICE_ALB_VSVIP_RELATIONSHIP",
"rightType": [
"ALBVsVip"
]
}
]
},
"waf_policy_path": {
"description": "WAF policy for the Virtual Service. It is a reference to an object of type WafPolicy. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Waf policy path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBVirtualService"
],
"relationshipType": "ALB_VIRTUALSERVICE_ALB_WAFPOLICY_RELATIONSHIP",
"rightType": [
"ALBWafPolicy"
]
}
]
},
"weight": {
"default": 1,
"description": "The Quality of Service weight to assign to traffic transmitted from this Virtual Service. A higher weight will prioritize traffic versus other Virtual Services sharing the same Service Engines. Allowed values are 1-128. Allowed in Basic(Allowed values- 1) edition, Essentials(Allowed values- 1) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as 1.",
"maximum": 128,
"minimum": 1,
"required": false,
"title": "Weight",
"type": "integer"
}
},
"title": "VirtualService",
"type": "object"
}
ALBVirtualServiceApiResponse (type)
{
"additionalProperties": false,
"description": "VirtualServiceApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBVirtualServiceApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of VirtualService",
"items": {
"$ref": "ALBVirtualService
},
"required": false,
"title": "Array of VirtualService",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "VirtualServiceApiResponse",
"type": "object"
}
ALBVirtualServiceType (type)
{
"description": "Valid ENUM values for ALBVirtualServiceType",
"enum": [
"VS_TYPE_NORMAL",
"VS_TYPE_VH_PARENT",
"VS_TYPE_VH_CHILD"
],
"id": "ALBVirtualServiceType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "VirtualServiceType type",
"type": "string"
}
ALBVsVip (type)
{
"additionalProperties": false,
"description": "Advanced load balancer VsVip object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBVsVip",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"bgp_peer_labels": {
"description": "Select BGP peers, using peer label, for VsVip advertisement. Maximum of 128 items allowed.",
"items": {
"type": "string"
},
"required": false,
"title": "Bgp peer labels",
"type": "array"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"cloud_name": {
"description": "It is a reference to an object of type Cloud.",
"required": false,
"title": "Cloud name",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dns_info": {
"description": "Service discovery specific data including fully qualified domain name, type and Time-To-Live of the DNS record. Maximum of 1000 items allowed. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBDnsInfo
},
"required": false,
"title": "Dns info",
"type": "array"
},
"east_west_placement": {
"default": false,
"description": "Force placement on all Service Engines in the Service Engine Group (Container clouds only). Allowed in Basic(Allowed values- false) edition, Essentials(Allowed values- false) edition, Enterprise edition. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "East west placement",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tier1_path": {
"description": "This sets the placement scope of virtualservice to given tier1 logical router in Nsx-t.",
"required": false,
"title": "Tier1 path",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"use_standard_alb": {
"description": "This overrides the cloud level default and needs to match the SE Group value in which it will be used if the SE Group use_standard_alb value is set. This is only used when FIP is used for VS on Azure Cloud. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"required": false,
"title": "Use standard alb",
"type": "boolean"
},
"vip": {
"description": "List of Virtual Service IPs and other shareable entities.",
"items": {
"$ref": "ALBVip
},
"required": false,
"title": "Vip",
"type": "array"
},
"vrf_context_name": {
"description": "Virtual Routing Context that the Virtual Service is bound to. This is used to provide the isolation of the set of networks the application is attached to. It is a reference to an object of type VrfContext.",
"required": false,
"title": "Vrf context name",
"type": "string"
},
"vsvip_cloud_config_cksum": {
"description": "Checksum of cloud configuration for VsVip. Internally set by cloud connector.",
"required": false,
"title": "Vsvip cloud config cksum",
"type": "string"
}
},
"title": "VsVip",
"type": "object"
}
ALBVsVipApiResponse (type)
{
"additionalProperties": false,
"description": "VsVipApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBVsVipApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of VsVip",
"items": {
"$ref": "ALBVsVip
},
"required": false,
"title": "Array of VsVip",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "VsVipApiResponse",
"type": "object"
}
ALBWafAction (type)
{
"description": "Valid ENUM values for ALBWafAction",
"enum": [
"WAF_ACTION_NO_OP",
"WAF_ACTION_BLOCK",
"WAF_ACTION_ALLOW_PARAMETER"
],
"id": "ALBWafAction",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "WafAction type",
"type": "string"
}
ALBWafApplicationSignatures (type)
{
"additionalProperties": false,
"description": "Advanced load balancer WafApplicationSignatures object",
"id": "ALBWafApplicationSignatures",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"rule_overrides": {
"description": "Override attributes of application signature rules.",
"items": {
"$ref": "ALBWafRuleOverrides
},
"required": false,
"title": "Rule overrides",
"type": "array"
},
"ruleset_version": {
"description": "The version in use of the provided ruleset.",
"required": false,
"title": "Ruleset version",
"type": "string"
},
"selected_applications": {
"description": "List of applications for which we use the rules from the WafApplicationSignatureProvider. Maximum of 8 items allowed.",
"items": {
"type": "string"
},
"required": false,
"title": "Selected applications",
"type": "array"
}
},
"title": "WafApplicationSignatures",
"type": "object"
}
ALBWafCRS (type)
{
"additionalProperties": false,
"description": "Advanced load balancer WafCRS object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBWafCRS",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"groups": {
"description": "WAF Rules are sorted in groups based on their characterization. Maximum of 64 items allowed.",
"items": {
"$ref": "ALBWafRuleGroup
},
"required": false,
"title": "Groups",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"integrity": {
"description": "Integrity protection value.",
"required": true,
"title": "Integrity",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"release_date": {
"description": "The release date of this version in RFC 3339 / ISO 8601 format.",
"required": true,
"title": "Release date",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"version": {
"description": "The version of this ruleset object.",
"required": true,
"title": "Version",
"type": "string"
}
},
"title": "WafCRS",
"type": "object"
}
ALBWafCRSApiResponse (type)
{
"additionalProperties": false,
"description": "WafCRSApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBWafCRSApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of WafCRS",
"items": {
"$ref": "ALBWafCRS
},
"required": false,
"title": "Array of WafCRS",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "WafCRSApiResponse",
"type": "object"
}
ALBWafConfig (type)
{
"additionalProperties": false,
"description": "Advanced load balancer WafConfig object",
"id": "ALBWafConfig",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"allowed_http_versions": {
"description": "WAF allowed HTTP Versions. Enum options - ZERO_NINE, ONE_ZERO, ONE_ONE, TWO_ZERO. Maximum of 8 items allowed.",
"items": {
"$ref": "ALBHTTPVersion
},
"required": false,
"title": "Allowed http versions",
"type": "array"
},
"allowed_methods": {
"description": "WAF allowed HTTP methods. Enum options - HTTP_METHOD_GET, HTTP_METHOD_HEAD, HTTP_METHOD_PUT, HTTP_METHOD_DELETE, HTTP_METHOD_POST, HTTP_METHOD_OPTIONS, HTTP_METHOD_TRACE, HTTP_METHOD_CONNECT, HTTP_METHOD_PATCH, HTTP_METHOD_PROPFIND, HTTP_METHOD_PROPPATCH, HTTP_METHOD_MKCOL, HTTP_METHOD_COPY, HTTP_METHOD_MOVE, HTTP_METHOD_LOCK, HTTP_METHOD_UNLOCK.",
"items": {
"$ref": "ALBHTTPMethod
},
"required": false,
"title": "Allowed methods",
"type": "array"
},
"allowed_request_content_types": {
"description": "WAF allowed Content Types. Maximum of 64 items allowed.",
"items": {
"type": "string"
},
"required": false,
"title": "Allowed request content types",
"type": "array"
},
"argument_separator": {
"default": "&",
"description": "Argument seperator. Default value when not specified in API or module is interpreted by ALB Controller as &.",
"required": false,
"title": "Argument separator",
"type": "string"
},
"client_request_max_body_size": {
"default": 32,
"description": "Maximum size for the client request body scanned by WAF. Allowed values are 1-32768. Unit is KB. Default value when not specified in API or module is interpreted by ALB Controller as 32.",
"maximum": 32768,
"minimum": 1,
"required": false,
"title": "Client request max body size",
"type": "integer"
},
"cookie_format_version": {
"default": 0,
"description": "0 For Netscape Cookies. 1 For version 1 cookies. Allowed values are 0-1. Default value when not specified in API or module is interpreted by ALB Controller as 0.",
"maximum": 1,
"minimum": 0,
"required": false,
"title": "Cookie format version",
"type": "integer"
},
"ignore_incomplete_request_body_error": {
"default": true,
"description": "Ignore request body parsing errors due to partial scanning. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Ignore incomplete request body error",
"type": "boolean"
},
"max_execution_time": {
"default": 50,
"description": "The maximum period of time WAF processing is allowed to take for a single request. A value of 0 (zero) means no limit and should not be chosen in production deployments. It is only used for exceptional situations where crashes of se_dp processes are acceptable. The behavior of the system if this time is exceeded depends on two other configuration settings, the WAF policy mode and the WAF failure mode. In WAF policy mode 'Detection', the request is allowed and flagged for both failure mode 'Closed' and 'Open'. In enforcement node, 'Closed' means the request is rejected, 'Open' means the request is allowed and flagged. Irrespective of these settings, no subsequent WAF rules of this or other phases will be executed once the maximum execution time has been exceeded. Allowed values are 0-5000. Unit is MILLISECONDS. Default value when not specified in API or module is interpreted by ALB Controller as 50.",
"maximum": 5000,
"minimum": 0,
"required": false,
"title": "Max execution time",
"type": "integer"
},
"regex_match_limit": {
"default": 30000,
"description": "Limit CPU utilization for each regular expression match when processing rules. Default value when not specified in API or module is interpreted by ALB Controller as 30000.",
"required": false,
"title": "Regex match limit",
"type": "integer"
},
"regex_recursion_limit": {
"default": 10000,
"description": "Limit depth of recursion for each regular expression match when processing rules. Default value when not specified in API or module is interpreted by ALB Controller as 10000.",
"required": false,
"title": "Regex recursion limit",
"type": "integer"
},
"request_body_default_action": {
"default": "phase:2,deny,status:403,log,auditlog",
"description": "WAF default action for Request Body Phase. Default value when not specified in API or module is interpreted by ALB Controller as phase:2,deny,status:403,log,auditlog.",
"required": false,
"title": "Request body default action",
"type": "string"
},
"request_hdr_default_action": {
"default": "phase:1,deny,status:403,log,auditlog",
"description": "WAF default action for Request Header Phase. Default value when not specified in API or module is interpreted by ALB Controller as phase:1,deny,status:403,log,auditlog.",
"required": false,
"title": "Request hdr default action",
"type": "string"
},
"response_body_default_action": {
"default": "phase:4,deny,status:403,log,auditlog",
"description": "WAF default action for Response Body Phase. Default value when not specified in API or module is interpreted by ALB Controller as phase:4,deny,status:403,log,auditlog.",
"required": false,
"title": "Response body default action",
"type": "string"
},
"response_hdr_default_action": {
"default": "phase:3,deny,status:403,log,auditlog",
"description": "WAF default action for Response Header Phase. Default value when not specified in API or module is interpreted by ALB Controller as phase:3,deny,status:403,log,auditlog.",
"required": false,
"title": "Response hdr default action",
"type": "string"
},
"restricted_extensions": {
"description": "WAF Restricted File Extensions. Maximum of 256 items allowed.",
"items": {
"type": "string"
},
"required": false,
"title": "Restricted extensions",
"type": "array"
},
"restricted_headers": {
"description": "WAF Restricted HTTP Headers. Maximum of 64 items allowed.",
"items": {
"type": "string"
},
"required": false,
"title": "Restricted headers",
"type": "array"
},
"server_response_max_body_size": {
"default": 128,
"description": "Maximum size for response body scanned by WAF. Allowed values are 1-32768. Unit is KB. Default value when not specified in API or module is interpreted by ALB Controller as 128.",
"maximum": 32768,
"minimum": 1,
"required": false,
"title": "Server response max body size",
"type": "integer"
},
"static_extensions": {
"description": "WAF Static File Extensions. GET and HEAD requests with no query args and one of these extensions are allowed and not checked by the ruleset. Maximum of 64 items allowed.",
"items": {
"type": "string"
},
"required": false,
"title": "Static extensions",
"type": "array"
},
"status_code_for_rejected_requests": {
"$ref": "ALBHTTPResponseCodes,
"default": "HTTP_RESPONSE_CODE_403",
"description": "HTTP status code used by WAF Positive Security Model when rejecting a request. Enum options - HTTP_RESPONSE_CODE_0, HTTP_RESPONSE_CODE_100, HTTP_RESPONSE_CODE_101, HTTP_RESPONSE_CODE_200, HTTP_RESPONSE_CODE_201, HTTP_RESPONSE_CODE_202, HTTP_RESPONSE_CODE_203, HTTP_RESPONSE_CODE_204, HTTP_RESPONSE_CODE_205, HTTP_RESPONSE_CODE_206, HTTP_RESPONSE_CODE_300, HTTP_RESPONSE_CODE_301, HTTP_RESPONSE_CODE_302, HTTP_RESPONSE_CODE_303, HTTP_RESPONSE_CODE_304, HTTP_RESPONSE_CODE_305, HTTP_RESPONSE_CODE_307, HTTP_RESPONSE_CODE_400, HTTP_RESPONSE_CODE_401, HTTP_RESPONSE_CODE_402... Default value when not specified in API or module is interpreted by ALB Controller as HTTP_RESPONSE_CODE_403.",
"required": false,
"title": "Status code for rejected requests"
},
"xml_xxe_protection": {
"default": true,
"description": "Block or flag XML requests referring to External Entities. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Xml xxe protection",
"type": "boolean"
}
},
"title": "WafConfig",
"type": "object"
}
ALBWafDataFile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer WafDataFile object",
"id": "ALBWafDataFile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"data": {
"description": "Stringified WAF File Data.",
"required": true,
"title": "Data",
"type": "string"
},
"name": {
"description": "WAF Data File Name.",
"required": true,
"title": "Name",
"type": "string"
},
"type": {
"$ref": "ALBWafDataFileType,
"default": "WAF_DATAFILE_PM_FROM_FILE",
"description": "WAF data file type. Enum options - WAF_DATAFILE_PM_FROM_FILE, WAF_DATAFILE_DTD, WAF_DATAFILE_XSD. Default value when not specified in API or module is interpreted by ALB Controller as WAF_DATAFILE_PM_FROM_FILE.",
"required": false,
"title": "Type"
}
},
"title": "WafDataFile",
"type": "object"
}
ALBWafDataFileType (type)
{
"description": "Valid ENUM values for ALBWafDataFileType",
"enum": [
"WAF_DATAFILE_PM_FROM_FILE",
"WAF_DATAFILE_DTD",
"WAF_DATAFILE_XSD"
],
"id": "ALBWafDataFileType",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "WafDataFileType type",
"type": "string"
}
ALBWafExcludeListEntry (type)
{
"additionalProperties": false,
"description": "Advanced load balancer WafExcludeListEntry object",
"id": "ALBWafExcludeListEntry",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"client_subnet": {
"$ref": "ALBIpAddrPrefix,
"description": "Client IP Subnet to exclude for WAF rules.",
"required": false,
"title": "Client subnet"
},
"description": {
"description": "Free-text comment about this exclusion.",
"required": false,
"title": "Description",
"type": "string"
},
"match_element": {
"description": "The match_element can be 'ARGS xxx', 'ARGS_GET xxx', 'ARGS_POST xxx', 'ARGS_NAMES xxx', 'FILES xxx', 'QUERY_STRING', 'REQUEST_BASENAME', 'REQUEST_BODY', 'REQUEST_URI', 'REQUEST_URI_RAW', 'REQUEST_COOKIES xxx', 'REQUEST_HEADERS xxx' or 'RESPONSE_HEADERS xxx'. These match_elements in the HTTP Transaction (if present) will be excluded when executing WAF Rules.",
"required": false,
"title": "Match element",
"type": "string"
},
"match_element_criteria": {
"$ref": "ALBWafExclusionType,
"description": "Criteria for match_element matching.",
"required": false,
"title": "Match element criteria"
},
"uri_match_criteria": {
"$ref": "ALBWafExclusionType,
"description": "Criteria for URI matching.",
"required": false,
"title": "Uri match criteria"
},
"uri_path": {
"description": "URI Path to exclude for WAF rules.",
"required": false,
"title": "Uri path",
"type": "string"
}
},
"title": "WafExcludeListEntry",
"type": "object"
}
ALBWafExclusionType (type)
{
"additionalProperties": false,
"description": "Advanced load balancer WafExclusionType object",
"id": "ALBWafExclusionType",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"match_case": {
"$ref": "ALBMatchCase,
"default": "SENSITIVE",
"description": "Case sensitivity to use for the matching. Enum options - SENSITIVE, INSENSITIVE. Default value when not specified in API or module is interpreted by ALB Controller as SENSITIVE.",
"required": false,
"title": "Match case"
},
"match_op": {
"$ref": "ALBStringOperation,
"default": "EQUALS",
"description": "String Operation to use for matching the Exclusion. Enum options - BEGINS_WITH, DOES_NOT_BEGIN_WITH, CONTAINS, DOES_NOT_CONTAIN, ENDS_WITH, DOES_NOT_END_WITH, EQUALS, DOES_NOT_EQUAL, REGEX_MATCH, REGEX_DOES_NOT_MATCH. Default value when not specified in API or module is interpreted by ALB Controller as EQUALS.",
"required": false,
"title": "Match op"
}
},
"title": "WafExclusionType",
"type": "object"
}
ALBWafFailureMode (type)
{
"description": "Valid ENUM values for ALBWafFailureMode",
"enum": [
"WAF_FAILURE_MODE_OPEN",
"WAF_FAILURE_MODE_CLOSED"
],
"id": "ALBWafFailureMode",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "WafFailureMode type",
"type": "string"
}
ALBWafMode (type)
{
"description": "Valid ENUM values for ALBWafMode",
"enum": [
"WAF_MODE_DETECTION_ONLY",
"WAF_MODE_ENFORCEMENT"
],
"id": "ALBWafMode",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "WafMode type",
"type": "string"
}
ALBWafPSMLocation (type)
{
"additionalProperties": false,
"description": "Advanced load balancer WafPSMLocation object",
"id": "ALBWafPSMLocation",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"description": {
"description": "Free-text comment about this location.",
"required": false,
"title": "Description",
"type": "string"
},
"index": {
"description": "Location index, this is used to determine the order of the locations.",
"required": true,
"title": "Index",
"type": "integer"
},
"match": {
"$ref": "ALBWafPSMLocationMatch,
"description": "Apply these rules only if the request is matching this description.",
"required": false,
"title": "Match"
},
"name": {
"description": "User defined name for this location, it must be unique in the group.",
"required": true,
"title": "Name",
"type": "string"
},
"rules": {
"description": "A list of rules which should be applied on this location. Maximum of 1024 items allowed.",
"items": {
"$ref": "ALBWafPSMRule
},
"required": false,
"title": "Rules",
"type": "array"
}
},
"title": "WafPSMLocation",
"type": "object"
}
ALBWafPSMLocationMatch (type)
{
"additionalProperties": false,
"description": "Advanced load balancer WafPSMLocationMatch object",
"id": "ALBWafPSMLocationMatch",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"host": {
"$ref": "ALBHostHdrMatch,
"description": "Apply the rules only to requests that match the specified Host header. If this is not set, the host header will not be checked.",
"required": false,
"title": "Host"
},
"methods": {
"$ref": "ALBMethodMatch,
"description": "Apply the rules only to requests that have the specified methods. If this is not set, the method will not be checked.",
"required": false,
"title": "Methods"
},
"path": {
"$ref": "ALBPathMatch,
"description": "Apply the rules only to requests that match the specified URI. If this is not set, the path will not be checked.",
"required": false,
"title": "Path"
}
},
"title": "WafPSMLocationMatch",
"type": "object"
}
ALBWafPSMMatchElement (type)
{
"additionalProperties": false,
"description": "Advanced load balancer WafPSMMatchElement object",
"id": "ALBWafPSMMatchElement",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"excluded": {
"default": false,
"description": "Mark this element excluded, like in '!ARGS password'. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Excluded",
"type": "boolean"
},
"index": {
"description": "Match_element index.",
"required": true,
"title": "Index",
"type": "integer"
},
"name": {
"$ref": "ALBWafVariable,
"description": "The variable specification. For example ARGS or REQUEST_COOKIES. This can be a scalar like PATH_INFO. Enum options - WAF_VARIABLE_ARGS, WAF_VARIABLE_ARGS_GET, WAF_VARIABLE_ARGS_POST, WAF_VARIABLE_ARGS_NAMES, WAF_VARIABLE_REQUEST_COOKIES, WAF_VARIABLE_QUERY_STRING, WAF_VARIABLE_REQUEST_BASENAME, WAF_VARIABLE_REQUEST_URI, WAF_VARIABLE_PATH_INFO.",
"required": true,
"title": "Name"
},
"sub_element": {
"description": "The name of the request collection element. This can be empty, if we address the whole collection or a scalar element.",
"required": false,
"title": "Sub element",
"type": "string"
}
},
"title": "WafPSMMatchElement",
"type": "object"
}
ALBWafPSMRule (type)
{
"additionalProperties": false,
"description": "Advanced load balancer WafPSMRule object",
"id": "ALBWafPSMRule",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"description": {
"description": "Free-text comment about this rule.",
"required": false,
"title": "Description",
"type": "string"
},
"enable": {
"default": true,
"description": "Enable or disable this rule. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Enable",
"type": "boolean"
},
"index": {
"description": "Rule index, this is used to determine the order of the rules.",
"required": true,
"title": "Index",
"type": "integer"
},
"match_case": {
"$ref": "ALBMatchCase,
"default": "INSENSITIVE",
"description": "The field match_value_pattern regular expression is case sensitive. Enum options - SENSITIVE, INSENSITIVE. Default value when not specified in API or module is interpreted by ALB Controller as INSENSITIVE.",
"required": false,
"title": "Match case"
},
"match_elements": {
"description": "The match elements, for example ARGS id or ARGS|!ARGS password. Maximum of 64 items allowed.",
"items": {
"$ref": "ALBWafPSMMatchElement
},
"required": false,
"title": "Match elements",
"type": "array"
},
"match_value_max_length": {
"description": "The maximum allowed length of the match_value. If this is not set, the length will not be checked.",
"required": false,
"title": "Match value max length",
"type": "integer"
},
"match_value_pattern": {
"description": "A regular expression which describes the expected value.",
"required": false,
"title": "Match value pattern",
"type": "string"
},
"mode": {
"$ref": "ALBWafMode,
"description": "WAF Rule mode. This can be detection or enforcement. If this is not set, the Policy mode is used. This only takes effect if the policy allows delegation. Enum options - WAF_MODE_DETECTION_ONLY, WAF_MODE_ENFORCEMENT.",
"required": false,
"title": "Mode"
},
"name": {
"description": "Name of the rule.",
"required": true,
"title": "Name",
"type": "string"
},
"paranoia_level": {
"$ref": "ALBWafParanoiaLevel,
"default": "WAF_PARANOIA_LEVEL_LOW",
"description": "WAF Ruleset paranoia mode. This is used to select Rules based on the paranoia-level. Enum options - WAF_PARANOIA_LEVEL_LOW, WAF_PARANOIA_LEVEL_MEDIUM, WAF_PARANOIA_LEVEL_HIGH, WAF_PARANOIA_LEVEL_EXTREME. Default value when not specified in API or module is interpreted by ALB Controller as WAF_PARANOIA_LEVEL_LOW.",
"required": false,
"title": "Paranoia level"
},
"rule_id": {
"description": "Id field which is used for log and metric generation. This id must be unique for all rules in this group.",
"required": true,
"title": "Rule id",
"type": "string"
}
},
"title": "WafPSMRule",
"type": "object"
}
ALBWafParanoiaLevel (type)
{
"description": "Valid ENUM values for ALBWafParanoiaLevel",
"enum": [
"WAF_PARANOIA_LEVEL_LOW",
"WAF_PARANOIA_LEVEL_MEDIUM",
"WAF_PARANOIA_LEVEL_HIGH",
"WAF_PARANOIA_LEVEL_EXTREME"
],
"id": "ALBWafParanoiaLevel",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "WafParanoiaLevel type",
"type": "string"
}
ALBWafPhase (type)
{
"description": "Valid ENUM values for ALBWafPhase",
"enum": [
"WAF_PHASE_CONNECTION",
"WAF_PHASE_REQUEST_HEADER",
"WAF_PHASE_REQUEST_BODY",
"WAF_PHASE_RESPONSE_HEADER",
"WAF_PHASE_RESPONSE_BODY",
"WAF_PHASE_LOGGING"
],
"id": "ALBWafPhase",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "WafPhase type",
"type": "string"
}
ALBWafPolicy (type)
{
"additionalProperties": false,
"description": "Advanced load balancer WafPolicy object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBWafPolicy",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"allow_mode_delegation": {
"default": true,
"description": "Allow Rules to overwrite the policy mode. This must be set if the policy mode is set to enforcement. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Allow mode delegation",
"type": "boolean"
},
"application_signatures": {
"$ref": "ALBWafApplicationSignatures,
"description": "Application Specific Signatures.",
"required": false,
"title": "Application signatures"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"confidence_override": {
"$ref": "ALBAppLearningConfidenceOverride,
"description": "Configure thresholds for confidence labels.",
"required": false,
"title": "Confidence override"
},
"created_by": {
"description": "Creator name.",
"required": false,
"title": "Created by",
"type": "string"
},
"crs_overrides": {
"description": "Override attributes for CRS rules.",
"items": {
"$ref": "ALBWafRuleGroupOverrides
},
"required": false,
"title": "Crs overrides",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_app_learning": {
"default": false,
"description": "Enable Application Learning for this WAF policy. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Enable app learning",
"type": "boolean"
},
"enable_auto_rule_updates": {
"default": true,
"description": "Enable Application Learning based rule updates on the WAF Profile. Rules will be programmed in dedicated WAF learning group. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Enable auto rule updates",
"type": "boolean"
},
"failure_mode": {
"$ref": "ALBWafFailureMode,
"default": "WAF_FAILURE_MODE_OPEN",
"description": "WAF Policy failure mode. This can be 'Open' or 'Closed'. Enum options - WAF_FAILURE_MODE_OPEN, WAF_FAILURE_MODE_CLOSED. Default value when not specified in API or module is interpreted by ALB Controller as WAF_FAILURE_MODE_OPEN.",
"required": false,
"title": "Failure mode"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"learning_params": {
"$ref": "ALBAppLearningParams,
"description": "Parameters for tuning Application learning.",
"required": false,
"title": "Learning params"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"min_confidence": {
"$ref": "ALBAppLearningConfidenceLabel,
"default": "CONFIDENCE_VERY_HIGH",
"description": "Minimum confidence label required for auto rule updates. Enum options - CONFIDENCE_VERY_HIGH, CONFIDENCE_HIGH, CONFIDENCE_PROBABLE, CONFIDENCE_LOW, CONFIDENCE_NONE. Default value when not specified in API or module is interpreted by ALB Controller as CONFIDENCE_VERY_HIGH.",
"required": false,
"title": "Min confidence"
},
"mode": {
"$ref": "ALBWafMode,
"default": "WAF_MODE_DETECTION_ONLY",
"description": "WAF Policy mode. This can be detection or enforcement. It can be overwritten by rules if allow_mode_delegation is set. Enum options - WAF_MODE_DETECTION_ONLY, WAF_MODE_ENFORCEMENT. Default value when not specified in API or module is interpreted by ALB Controller as WAF_MODE_DETECTION_ONLY.",
"required": false,
"title": "Mode"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"paranoia_level": {
"$ref": "ALBWafParanoiaLevel,
"default": "WAF_PARANOIA_LEVEL_LOW",
"description": "WAF Ruleset paranoia mode. This is used to select Rules based on the paranoia-level tag. Enum options - WAF_PARANOIA_LEVEL_LOW, WAF_PARANOIA_LEVEL_MEDIUM, WAF_PARANOIA_LEVEL_HIGH, WAF_PARANOIA_LEVEL_EXTREME. Default value when not specified in API or module is interpreted by ALB Controller as WAF_PARANOIA_LEVEL_LOW.",
"required": false,
"title": "Paranoia level"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"positive_security_model": {
"$ref": "ALBWafPositiveSecurityModel,
"description": "The Positive Security Model. This is used to describe how the request or parts of the request should look like. It is executed in the Request Body Phase of Avi WAF.",
"required": false,
"title": "Positive security model"
},
"post_crs_groups": {
"description": "WAF Rules are categorized in to groups based on their characterization. These groups are created by the user and will be enforced after the CRS groups.",
"items": {
"$ref": "ALBWafRuleGroup
},
"required": false,
"title": "Post crs groups",
"type": "array"
},
"pre_crs_groups": {
"description": "WAF Rules are categorized in to groups based on their characterization. These groups are created by the user and will be enforced before the CRS groups.",
"items": {
"$ref": "ALBWafRuleGroup
},
"required": false,
"title": "Pre crs groups",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"waf_crs_path": {
"description": "WAF core ruleset used for the CRS part of this Policy. It is a reference to an object of type WafCRS.",
"required": false,
"title": "Waf crs path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBWafPolicy"
],
"relationshipType": "ALB_WAFPOLICY_ALB_WAFCRS_RELATIONSHIP",
"rightType": [
"ALBWafCRS"
]
}
]
},
"waf_profile_path": {
"description": "WAF Profile for WAF policy. It is a reference to an object of type WafProfile.",
"required": true,
"title": "Waf profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBWafPolicy"
],
"relationshipType": "ALB_WAFPOLICY_ALB_WAFPROFILE_RELATIONSHIP",
"rightType": [
"ALBWafProfile"
]
}
]
}
},
"title": "WafPolicy",
"type": "object"
}
ALBWafPolicyApiResponse (type)
{
"additionalProperties": false,
"description": "WafPolicyApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBWafPolicyApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of WafPolicy",
"items": {
"$ref": "ALBWafPolicy
},
"required": false,
"title": "Array of WafPolicy",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "WafPolicyApiResponse",
"type": "object"
}
ALBWafPolicyPSMGroup (type)
{
"additionalProperties": false,
"description": "Advanced load balancer WafPolicyPSMGroup object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBWafPolicyPSMGroup",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable": {
"default": true,
"description": "Enable or disable this WAF rule group. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Enable",
"type": "boolean"
},
"hit_action": {
"$ref": "ALBWafAction,
"default": "WAF_ACTION_ALLOW_PARAMETER",
"description": "If a rule in this group matches the match_value pattern, this action will be executed. Allowed actions are WAF_ACTION_NO_OP and WAF_ACTION_ALLOW_PARAMETER. Default value when not specified in API or module is interpreted by ALB Controller as WAF_ACTION_ALLOW_PARAMETER.",
"required": false,
"title": "Hit action"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_learning_group": {
"default": false,
"description": "This field indicates that this group is used for learning. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Is learning group",
"type": "boolean"
},
"locations": {
"description": "Positive Security Model locations. These are used to partition the application name space. Maximum of 16384 items allowed.",
"items": {
"$ref": "ALBWafPSMLocation
},
"required": false,
"title": "Locations",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"miss_action": {
"$ref": "ALBWafAction,
"default": "WAF_ACTION_NO_OP",
"description": "If a rule in this group does not match the match_value pattern, this action will be executed. Allowed actions are WAF_ACTION_NO_OP and WAF_ACTION_BLOCK. Default value when not specified in API or module is interpreted by ALB Controller as WAF_ACTION_NO_OP.",
"required": false,
"title": "Miss action"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "WafPolicyPSMGroup",
"type": "object"
}
ALBWafPolicyPSMGroupApiResponse (type)
{
"additionalProperties": false,
"description": "WafPolicyPSMGroupApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBWafPolicyPSMGroupApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of WafPolicyPSMGroup",
"items": {
"$ref": "ALBWafPolicyPSMGroup
},
"required": false,
"title": "Array of WafPolicyPSMGroup",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "WafPolicyPSMGroupApiResponse",
"type": "object"
}
ALBWafPositiveSecurityModel (type)
{
"additionalProperties": false,
"description": "Advanced load balancer WafPositiveSecurityModel object",
"id": "ALBWafPositiveSecurityModel",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"group_paths": {
"description": "These groups should be used to separate different levels of concern. The order of the groups matters, one group may mark parts of the request as valid, so that subsequent groups will not check these parts. It is a reference to an object of type WafPolicyPSMGroup. Maximum of 64 items allowed.",
"items": {
"type": "string"
},
"required": false,
"title": "Group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ALBWafPolicy"
],
"relationshipType": "ALB_WAFPOLICY_ALB_WAFPOLICYPSMGROUP_RELATIONSHIP",
"rightType": [
"ALBWafPolicyPSMGroup"
]
}
]
}
},
"title": "WafPositiveSecurityModel",
"type": "object"
}
ALBWafProfile (type)
{
"additionalProperties": false,
"description": "Advanced load balancer WafProfile object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBWafProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"config": {
"$ref": "ALBWafConfig,
"description": "Config params for WAF.",
"required": true,
"title": "Config"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"files": {
"description": "List of Data Files Used for WAF Rules. Maximum of 64 items allowed.",
"items": {
"$ref": "ALBWafDataFile
},
"required": false,
"title": "Files",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "WafProfile",
"type": "object"
}
ALBWafProfileApiResponse (type)
{
"additionalProperties": false,
"description": "WafProfileApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBWafProfileApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of WafProfile",
"items": {
"$ref": "ALBWafProfile
},
"required": false,
"title": "Array of WafProfile",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "WafProfileApiResponse",
"type": "object"
}
ALBWafRule (type)
{
"additionalProperties": false,
"description": "Advanced load balancer WafRule object",
"id": "ALBWafRule",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"avi_tags": {
"description": "Tags for WAF rule as per Modsec language. They are extracted from the tag actions in a Modsec rule. This field is generated from the rule itself and cannot be set by the user. Maximum of 64 items allowed.",
"items": {
"type": "string"
},
"required": false,
"title": "Avi tags",
"type": "array"
},
"enable": {
"default": true,
"description": "Enable or disable WAF Rule Group. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Enable",
"type": "boolean"
},
"exclude_list": {
"description": "Exclude list for the WAF rule. The fields in the exclude list entry are logically and'ed to deduce the exclusion criteria. If there are multiple excludelist entries, it will be 'logical or' of them. Maximum of 64 items allowed.",
"items": {
"$ref": "ALBWafExcludeListEntry
},
"required": false,
"title": "Exclude list",
"type": "array"
},
"index": {
"description": "Number of index.",
"required": true,
"title": "Index",
"type": "integer"
},
"is_sensitive": {
"default": false,
"description": "The rule field is sensitive and will not be displayed. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Is sensitive",
"type": "boolean"
},
"mode": {
"$ref": "ALBWafMode,
"description": "WAF Rule mode. This can be detection or enforcement. If this is not set, the Policy mode is used. This only takes effect if the policy allows delegation. Enum options - WAF_MODE_DETECTION_ONLY, WAF_MODE_ENFORCEMENT.",
"required": false,
"title": "Mode"
},
"name": {
"description": "User-friendly optional name for a rule.",
"required": false,
"title": "Name",
"type": "string"
},
"phase": {
"$ref": "ALBWafPhase,
"description": "The execution phase where this rule will be executed. Enum options - WAF_PHASE_CONNECTION, WAF_PHASE_REQUEST_HEADER, WAF_PHASE_REQUEST_BODY, WAF_PHASE_RESPONSE_HEADER, WAF_PHASE_RESPONSE_BODY, WAF_PHASE_LOGGING.",
"required": false,
"title": "Phase"
},
"rule": {
"description": "Rule as per Modsec language.",
"required": true,
"title": "Rule",
"type": "string"
},
"rule_id": {
"description": "Identifier (id) for a rule per Modsec language. All SecRule and SecAction directives require an id. It is extracted from the id action in a Modsec rule. Rules within a single WAF Policy are required to have unique rule_ids.",
"required": false,
"title": "Rule id",
"type": "string"
}
},
"title": "WafRule",
"type": "object"
}
ALBWafRuleGroup (type)
{
"additionalProperties": false,
"description": "Advanced load balancer WafRuleGroup object",
"id": "ALBWafRuleGroup",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"enable": {
"default": true,
"description": "Enable or disable WAF Rule Group. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Enable",
"type": "boolean"
},
"exclude_list": {
"description": "Exclude list for the WAF rule group. The fields in the exclude list entry are logically and'ed to deduce the exclusion criteria. If there are multiple excludelist entries, it will be 'logical or' of them. Maximum of 64 items allowed.",
"items": {
"$ref": "ALBWafExcludeListEntry
},
"required": false,
"title": "Exclude list",
"type": "array"
},
"index": {
"description": "Number of index.",
"required": true,
"title": "Index",
"type": "integer"
},
"name": {
"description": "Name of the object.",
"required": true,
"title": "Name",
"type": "string"
},
"rules": {
"description": "Rules as per Modsec language. Maximum of 1024 items allowed.",
"items": {
"$ref": "ALBWafRule
},
"required": false,
"title": "Rules",
"type": "array"
}
},
"title": "WafRuleGroup",
"type": "object"
}
ALBWafRuleGroupOverrides (type)
{
"additionalProperties": false,
"description": "Advanced load balancer WafRuleGroupOverrides object",
"id": "ALBWafRuleGroupOverrides",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"enable": {
"description": "Override the enable flag for this group.",
"required": false,
"title": "Enable",
"type": "boolean"
},
"exclude_list": {
"description": "Replace the exclude list for this group. Maximum of 64 items allowed.",
"items": {
"$ref": "ALBWafExcludeListEntry
},
"required": false,
"title": "Exclude list",
"type": "array"
},
"mode": {
"$ref": "ALBWafMode,
"description": "Override the waf mode for this group. Enum options - WAF_MODE_DETECTION_ONLY, WAF_MODE_ENFORCEMENT.",
"required": false,
"title": "Mode"
},
"name": {
"description": "The name of the group where attributes or rules are overridden.",
"required": true,
"title": "Name",
"type": "string"
},
"rule_overrides": {
"description": "Rule specific overrides. Maximum of 1024 items allowed.",
"items": {
"$ref": "ALBWafRuleOverrides
},
"required": false,
"title": "Rule overrides",
"type": "array"
}
},
"title": "WafRuleGroupOverrides",
"type": "object"
}
ALBWafRuleOverrides (type)
{
"additionalProperties": false,
"description": "Advanced load balancer WafRuleOverrides object",
"id": "ALBWafRuleOverrides",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"enable": {
"description": "Override the enable flag for this rule.",
"required": false,
"title": "Enable",
"type": "boolean"
},
"exclude_list": {
"description": "Replace the exclude list for this rule. Maximum of 64 items allowed.",
"items": {
"$ref": "ALBWafExcludeListEntry
},
"required": false,
"title": "Exclude list",
"type": "array"
},
"mode": {
"$ref": "ALBWafMode,
"description": "Override the waf mode for this rule. Enum options - WAF_MODE_DETECTION_ONLY, WAF_MODE_ENFORCEMENT.",
"required": false,
"title": "Mode"
},
"rule_id": {
"description": "The rule_id of the rule where attributes are overridden.",
"required": true,
"title": "Rule id",
"type": "string"
}
},
"title": "WafRuleOverrides",
"type": "object"
}
ALBWafVariable (type)
{
"description": "Valid ENUM values for ALBWafVariable",
"enum": [
"WAF_VARIABLE_ARGS",
"WAF_VARIABLE_ARGS_GET",
"WAF_VARIABLE_ARGS_POST",
"WAF_VARIABLE_ARGS_NAMES",
"WAF_VARIABLE_REQUEST_COOKIES",
"WAF_VARIABLE_QUERY_STRING",
"WAF_VARIABLE_REQUEST_BASENAME",
"WAF_VARIABLE_REQUEST_URI",
"WAF_VARIABLE_PATH_INFO"
],
"id": "ALBWafVariable",
"module_id": "PolicyAdvancedLoadBalancer",
"title": "WafVariable type",
"type": "string"
}
ALBWebhook (type)
{
"additionalProperties": false,
"description": "Advanced load balancer Webhook object",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ALBWebhook",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"callback_url": {
"description": "Callback URL for the Webhook.",
"required": false,
"title": "Callback url",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"markers": {
"description": "List of labels to be used for granular RBAC. Allowed in Basic edition, Essentials edition, Enterprise edition.",
"items": {
"$ref": "ALBRoleFilterMatchLabel
},
"required": false,
"title": "Markers",
"type": "array"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"verification_token": {
"description": "Verification token sent back with the callback asquery parameters.",
"required": false,
"title": "Verification token",
"type": "string"
}
},
"title": "Webhook",
"type": "object"
}
ALBWebhookApiResponse (type)
{
"additionalProperties": false,
"description": "WebhookApiResponse",
"extends": {
"$ref": "ListResult
},
"id": "ALBWebhookApiResponse",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"count": {
"default": null,
"description": "count",
"required": false,
"title": "count",
"type": "int"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of Webhook",
"items": {
"$ref": "ALBWebhook
},
"required": false,
"title": "Array of Webhook",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "WebhookApiResponse",
"type": "object"
}
ALGTypeServiceEntry (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ServiceEntry
},
"id": "ALGTypeServiceEntry",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ALGTypeServiceEntry"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alg": {
"description": "The Application Layer Gateway (ALG) protocol. Please note, protocol NBNS_BROADCAST and NBDG_BROADCAST are deprecated. Please use UDP protocol and create L4 Port Set type of service instead.",
"enum": [
"ORACLE_TNS",
"FTP",
"SUN_RPC_TCP",
"SUN_RPC_UDP",
"MS_RPC_TCP",
"MS_RPC_UDP",
"NBNS_BROADCAST",
"NBDG_BROADCAST",
"TFTP"
],
"required": true,
"title": "The Application Layer Gateway (ALG) protocol",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destination_ports": {
"items": {
"$ref": "PortElement
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "The destination_port cannot be empty and must be a single value.",
"type": "array"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"enum": [
"IPProtocolServiceEntry",
"IGMPTypeServiceEntry",
"ICMPTypeServiceEntry",
"ALGTypeServiceEntry",
"L4PortSetServiceEntry",
"EtherTypeServiceEntry",
"NestedServiceServiceEntry"
],
"required": true,
"type": "string"
},
"source_ports": {
"items": {
"$ref": "PortElement
},
"maxItems": 15,
"required": false,
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "An ServiceEntry that represents an ALG protocol",
"type": "object"
}
AbstractSpace (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Represents the space in which the policy is being defined.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "AbstractSpace",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"connectivity_strategy": {
"deprecated": true,
"description": "The connectivity strategy is deprecated. Use default layer3 rule, /infra/domains/default/security-policies/default-layer3-security-policy/rules/default-layer3-rule. This field indicates the default connectivity policy for the infra or tenant space WHITELIST - Adds a default drop rule. Administrator can then use \"allow\" rules (aka whitelist) to allow traffic between groups BLACKLIST - Adds a default allow rule. Admin can then use \"drop\" rules (aka blacklist) to block traffic between groups WHITELIST_ENABLE_LOGGING - Whitelising with logging enabled BLACKLIST_ENABLE_LOGGING - Blacklisting with logging enabled NONE - No default rules are added.",
"enum": [
"WHITELIST",
"BLACKLIST",
"WHITELIST_ENABLE_LOGGING",
"BLACKLIST_ENABLE_LOGGING",
"NONE"
],
"required": false,
"title": "Connectivity strategy used by this tenant",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "The space in which policy is being defined",
"type": "object"
}
AcceptableComponentVersion (type)
{
"additionalProperties": false,
"extends": {
"$ref": "VersionList
},
"id": "AcceptableComponentVersion",
"module_id": "VersionWhitelist",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"acceptable_versions": {
"items": {
"type": "string"
},
"required": true,
"title": "List of component versions",
"type": "array"
},
"component_type": {
"enum": [
"HOST",
"EDGE",
"CCP",
"MP"
],
"required": true,
"title": "Node type",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
AcceptableComponentVersionList (type)
{
"additionalProperties": false,
"id": "AcceptableComponentVersionList",
"module_id": "VersionWhitelist",
"properties": {
"results": {
"items": {
"$ref": "AcceptableComponentVersion
},
"required": true,
"title": "Acceptable version whitelist for different components",
"type": "array"
}
},
"type": "object"
}
Action (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Reaction Action is the action to take when the stipulated criteria specified in the event exist over the source. Some example actions include: - Notify Admin (or VMC's SRE) via email. - Populate a specific label with the IPSec VPN Session. - Remove the IPSec VPN Session from a specific label.",
"id": "Action",
"module_id": "PolicyReaction",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"description": "Reaction Action resource type.",
"enum": [
"PatchResources",
"SetFields"
],
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "Reaction Action",
"type": "object"
}
ActionRequest (type)
{
"additionalProperties": false,
"id": "ActionRequest",
"module_id": "PolicyConnectivity",
"properties": {
"action": {
"description": "Action required to be performed on intent",
"title": "Action to be performed",
"type": "string"
}
},
"title": "Action request object",
"type": "object"
}
ActionableResource (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "ActionableResource",
"module_id": "ClusterRestore",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_address": {
"format": "hostname-or-ip",
"required": false,
"title": "A resource reference on which actions can be performed",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Resources managed during restore process",
"type": "object"
}
ActionableResourceListRequestParameters (type)
{
"extends": {
"$ref": "ListRequestParameters
},
"id": "ActionableResourceListRequestParameters",
"module_id": "ClusterRestore",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"instruction_id": {
"required": true,
"title": "Id of the instruction set whose instructions are to be returned",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ActionableResourceListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ActionableResourceListResult",
"module_id": "ClusterRestore",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ActionableResource
},
"required": true,
"title": "List results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ActiveDirectoryIdentitySource (type)
{
"description": "An identity source service that runs Microsoft Active Directory. The service allows selected user accounts defined in Active Directory to log into and access NSX-T.",
"extends": {
"$ref": "LdapIdentitySource
},
"id": "ActiveDirectoryIdentitySource",
"module_id": "LdapIdentitySources",
"polymorphic-type-descriptor": {
"type-identifier": "ActiveDirectoryIdentitySource"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alternative_domain_names": {
"description": "After parsing the \"user@domain\", the domain portion is used to select the LDAP identity source to use. Additional domains listed here will also be directed to this LDAP identity source. In Active Directory these are sometimes referred to as Alternative UPN Suffixes.",
"items": {
"type": "string"
},
"title": "Additional domains to be directed to this identity source",
"type": "array"
},
"base_dn": {
"description": "The subtree of the LDAP identity source to search when locating users and groups.",
"required": true,
"title": "DN of subtree for user and group searches",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"domain_name": {
"description": "The name of the authentication domain. When users log into NSX using an identity of the form \"user@domain\", NSX uses the domain portion to determine which LDAP identity source to use.",
"required": true,
"title": "Authentication domain name",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ldap_servers": {
"description": "The list of LDAP servers that provide LDAP service for this identity source. Currently, only one LDAP server is supported.",
"items": {
"$ref": "IdentitySourceLdapServer
},
"maxItems": 3,
"title": "LDAP servers for this identity source",
"type": "array"
},
"resource_type": {
"enum": [
"ActiveDirectoryIdentitySource",
"OpenLdapIdentitySource"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "An Active Directory identity source service",
"type": "object"
}
ActiveStandbySyncStatus (type)
{
"id": "ActiveStandbySyncStatus",
"module_id": "SiteManagerModule",
"properties": {
"description": {
"required": true,
"title": "Description of the status.",
"type": "string"
},
"full_sync_status": {
"$ref": "FullSyncStatus,
"required": true,
"title": "Status of full sync."
},
"is_data_consistent": {
"required": true,
"title": "Indicates whether the data is consistent. Always returned as true when queried on an active Global Manager node.",
"type": "boolean"
},
"percentage_completed": {
"required": false,
"title": "Percentage estimate of synchronization progress. Ranges from 0 to 100. This value is only returned when queried on an active Global Manager node.",
"type": "integer"
},
"remaining_entries_to_send": {
"required": false,
"title": "Number of entries pending synchronization. This value is only returned when queried on an active Global Manager node.",
"type": "integer"
},
"standby_site": {
"required": true,
"title": "Name of standby site.",
"type": "string"
},
"status": {
"enum": [
"UNAVAILABLE",
"ERROR",
"ONGOING",
"NOT_STARTED"
],
"required": true,
"title": "Status of synchronization between active and standby Global Manager nodes.",
"type": "string"
},
"sync_type": {
"enum": [
"UNAVAILABLE",
"DELTA_SYNC",
"FULL_SYNC"
],
"required": true,
"title": "Type of synchronization currently in effect between active and standby Global Manager nodes.",
"type": "string"
}
},
"type": "object"
}
AddClusterNodeVMInfo (type)
{
"description": "Contains a list of cluster node VM deployment requests and optionally a clustering configuration.",
"id": "AddClusterNodeVMInfo",
"module_id": "ClusterNodeVMDeployment",
"properties": {
"clustering_config": {
"$ref": "ClusteringConfig,
"deprecated": true,
"description": "This property is deprecated since ClusteringConfig is no longer needed for auto-installation and will be ignored if provided.",
"required": false,
"title": "Configuration for auto-clustering of VMs post-deployment"
},
"deployment_requests": {
"description": "Cluster node VM deployment requests to be deployed by the Manager.",
"items": {
"$ref": "ClusterNodeVMDeploymentRequest
},
"minItems": 1,
"required": true,
"title": "List of deployment requests",
"type": "array"
}
},
"title": "Info for AddClusterNodeVM",
"type": "object"
}
AddressBindingEntry (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "An address binding entry is a combination of the IP-MAC-VLAN binding for a logical port. The address bindings can be obtained via various methods like ARP snooping, DHCP snooping etc. or by user configuration.",
"id": "AddressBindingEntry",
"module_id": "LogicalPort",
"properties": {
"binding": {
"$ref": "PacketAddressClassifier,
"title": "Combination of IP-MAC-VLAN binding"
},
"binding_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp at which the binding was discovered via snooping or manually specified by the user",
"title": "Timestamp of binding"
},
"source": {
"$ref": "AddressBindingSource,
"default": "UNKNOWN",
"description": "Source from which the address binding entry was obtained",
"title": "Address binding source"
}
},
"title": "Combination of IP-MAC-VLAN binding",
"type": "object"
}
AddressBindingSource (type) (Deprecated)
{
"deprecated": true,
"enum": [
"INVALID",
"UNKNOWN",
"USER_DEFINED",
"ARP_SNOOPING",
"DHCP_SNOOPING",
"VM_TOOLS",
"ND_SNOOPING",
"DHCPV6_SNOOPING",
"VM_TOOLS_V6"
],
"id": "AddressBindingSource",
"module_id": "LogicalPort",
"title": "Source from which the address binding is obtained",
"type": "string"
}
AdvanceClusterRestoreInput (type)
{
"id": "AdvanceClusterRestoreInput",
"module_id": "ClusterRestore",
"properties": {
"id": {
"readonly": true,
"required": true,
"title": "Unique id of an instruction (as returned by the GET /restore/status\ncall) for which input is to be provided\n",
"type": "string"
},
"resources": {
"items": {
"$ref": "SelectableResourceReference
},
"required": true,
"title": "List of resources for which the instruction is applicable.",
"type": "array"
}
},
"type": "object"
}
AdvanceClusterRestoreRequest (type)
{
"id": "AdvanceClusterRestoreRequest",
"module_id": "ClusterRestore",
"properties": {
"data": {
"items": {
"$ref": "AdvanceClusterRestoreInput
},
"required": true,
"title": "List of instructions and their associated data",
"type": "array"
}
},
"type": "object"
}
AggregateDNSForwarderStatistics (type)
{
"additionalProperties": false,
"description": "Aggregate of DNS forwarder statistics across enforcement points.",
"id": "AggregateDNSForwarderStatistics",
"module_id": "PolicyDNSStatistics",
"properties": {
"intent_path": {
"description": "String path of the DNS forwarder intent.",
"required": true,
"title": "String path of the DNS forwarder intent",
"type": "string"
},
"statistics_per_enforcement_point": {
"description": "List of DNS forwarder statistics per enforcement point.",
"items": {
"$ref": "DNSForwarderStatisticsPerEnforcementPoint
},
"readonly": true,
"title": "List of DNS forwarder statistics per enforcement point",
"type": "array"
}
},
"title": "Aggregate of DNS forwarder statistics",
"type": "object"
}
AggregateDNSForwarderStatus (type)
{
"additionalProperties": false,
"description": "Aggregate of DNS forwarder status across enforcement points.",
"id": "AggregateDNSForwarderStatus",
"module_id": "PolicyDNSStatistics",
"properties": {
"intent_path": {
"description": "String path of the DNS forwarder intent.",
"required": true,
"title": "String path of the DNS forwarder intent",
"type": "string"
},
"status_per_enforcement_point": {
"description": "List of DNS forwarder status per enforcement point.",
"items": {
"$ref": "DNSForwarderStatusPerEnforcementPoint
},
"readonly": true,
"title": "List of DNS forwarder status per enforcement point",
"type": "array"
}
},
"title": "Aggregate of DNS forwarder status",
"type": "object"
}
AggregatePolicyDnsAnswer (type)
{
"additionalProperties": false,
"description": "Aggregate of DNS forwarder nslookup answer across enforcement points.",
"id": "AggregatePolicyDnsAnswer",
"module_id": "PolicyDnsForwarder",
"properties": {
"dns_answer_per_enforcement_point": {
"description": "List of DNS forwarder nslookup answer per enforcement point.",
"items": {
"$ref": "PolicyDnsAnswerPerEnforcementPoint
},
"readonly": true,
"title": "List of DNS forwarder nslookup answer per enforcement point",
"type": "array"
},
"intent_path": {
"description": "String path of the DNS forwarder intent.",
"required": true,
"title": "String path of the DNS forwarder intent",
"type": "string"
}
},
"title": "Aggregate of DNS forwarder nslookup answer",
"type": "object"
}
AggregatePolicyRuntimeInfo (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Aggregate of PolicyRuntimeInfoPerEP across Enforcement Points.",
"id": "AggregatePolicyRuntimeInfo",
"module_id": "PolicyBaseStatistics",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
}
},
"title": "Aggregate of PolicyRuntimeInfoPerEP",
"type": "object"
}
AggregatedDataCounter (type)
{
"id": "AggregatedDataCounter",
"module_id": "AggSvcL2Types",
"properties": {
"rx_bytes": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"rx_packets": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"tx_bytes": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"tx_packets": {
"$ref": "DataCounter,
"readonly": true,
"required": false
}
},
"type": "object"
}
AggregatedDataCounterEx (type)
{
"extends": {
"$ref": "AggregatedDataCounter
},
"id": "AggregatedDataCounterEx",
"module_id": "AggSvcL2Types",
"properties": {
"dropped_by_security_packets": {
"$ref": "PacketsDroppedBySecurity,
"readonly": true,
"required": false
},
"mac_learning": {
"$ref": "MacLearningCounters,
"readonly": true,
"required": false
},
"rx_bytes": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"rx_packets": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"tx_bytes": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"tx_packets": {
"$ref": "DataCounter,
"readonly": true,
"required": false
}
},
"type": "object"
}
AggregatedLogicalRouterPortCounters (type)
{
"id": "AggregatedLogicalRouterPortCounters",
"module_id": "AggSvcLogicalRouterPort",
"properties": {
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Timestamp when the data was last updated; unset if data source has never updated the data."
},
"rx": {
"$ref": "LogicalRouterPortCounters,
"readonly": true,
"required": false
},
"tx": {
"$ref": "LogicalRouterPortCounters,
"readonly": true,
"required": false
}
},
"type": "object"
}
AntreaContainerClusterNode (type)
{
"id": "AntreaContainerClusterNode",
"properties": {
"cluster_id": {
"required": true,
"title": "The UUID of the container cluster",
"type": "string"
},
"nodes": {
"items": {
"type": "string"
},
"minItems": 1,
"title": "List of at most 200 container node UUIDs requiring a support bundle",
"type": "array"
}
},
"title": "Antrea container cluster and its nodes requiring a support bundle",
"type": "object"
}
AntreaSupportBundleContainerNode (type)
{
"additionalProperties": {},
"extends": {
"$ref": "SupportBundleContainerNode
},
"id": "AntreaSupportBundleContainerNode",
"polymorphic-type-descriptor": {
"type-identifier": "ANTREA"
},
"properties": {
"clusters": {
"items": {
"$ref": "AntreaContainerClusterNode
},
"minItems": 1,
"title": "List of AntreaContainerClusterNodes identifying container clusters and their nodes",
"type": "array"
},
"container_type": {
"enum": [
"ANTREA"
],
"required": true,
"title": "Support bundle container type",
"type": "string"
}
},
"type": "object"
}
AntreaTraceflowConfig (type)
{
"additionalProperties": false,
"description": "The configuration for Antrea traceflow.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "AntreaTraceflowConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"container_cluster_id": {
"description": "Container cluster ID in inventory. This property is used to identify multiple clusters under single NSX-T.",
"required": true,
"title": "Container cluster ID",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destination_external_id": {
"description": "Destination external id for Antrea traceflow. Must be ContainerApplicationInstance or ContainerApplication. Ignored if destination_ip provided in packet data.",
"required": false,
"title": "Destination external id",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_transient": {
"default": true,
"description": "This field indicates if intent is transient and will be cleaned up by the system if set to true.",
"required": false,
"title": "Marker to indicate if intent is transient",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"packet": {
"$ref": "AntreaTraceflowPacketData,
"description": "Configuration of packet data.",
"required": false,
"title": "Packet configuration"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"source_external_id": {
"description": "Source external id for Antrea traceflow. Must be ContainerApplicationInstance external_id.",
"required": true,
"title": "Source external id",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Antrea traceflow configuration",
"type": "object"
}
AntreaTraceflowIcmpEchoRequestHeader (type)
{
"description": "IcmpEchoRequest header stuffs for Antrea traceflow.",
"id": "AntreaTraceflowIcmpEchoRequestHeader",
"module_id": "PolicyConnectivity",
"properties": {
"id": {
"description": "Id of IcmpEchoRequest.",
"title": "IcmpEchoRequest id",
"type": "integer"
},
"sequence": {
"description": "Sequence number of IcmpEchoRequest.",
"title": "Icmp sequence",
"type": "integer"
}
},
"title": "IcmpEchoHeader for Antrea traceflow",
"type": "object"
}
AntreaTraceflowIpHeader (type)
{
"description": "Ip header stuffs for Antrea traceflow.",
"id": "AntreaTraceflowIpHeader",
"module_id": "PolicyConnectivity",
"properties": {
"dstIp": {
"description": "Destination ip address in IpHeader.",
"title": "Destination ip",
"type": "string"
},
"flags": {
"description": "Protocol setting in IpHeader.",
"title": "Flags",
"type": "integer"
},
"protocol": {
"description": "Protocol setting in IpHeader.",
"title": "Protocol",
"type": "integer"
},
"srcIp": {
"description": "Source ip address in IpHeader.",
"title": "Source ip",
"type": "string"
},
"ttl": {
"description": "TTL value in IpHeader. Default is 64.",
"title": "Time to live",
"type": "integer"
}
},
"title": "IpHeader for Antrea traceflow",
"type": "object"
}
AntreaTraceflowIpv6Header (type)
{
"description": "Ipv6 header stuffs for Antrea traceflow.",
"id": "AntreaTraceflowIpv6Header",
"module_id": "PolicyConnectivity",
"properties": {
"dstIp": {
"description": "Destination ip address in Ipv6Header.",
"title": "Destination ip",
"type": "string"
},
"hopLimit": {
"description": "Hop limit setting in Ipv6Header.",
"title": "Hop limit",
"type": "integer"
},
"nextHeader": {
"description": "Next header setting in Ipv6Header.",
"title": "Next header",
"type": "integer"
},
"srcIp": {
"description": "Source ip address in Ipv6Header.",
"title": "Source ip",
"type": "string"
}
},
"title": "Ipv6Header for Antrea traceflow",
"type": "object"
}
AntreaTraceflowPacketData (type)
{
"description": "Packet data stuffs for Antrea traceflow.",
"id": "AntreaTraceflowPacketData",
"module_id": "PolicyConnectivity",
"properties": {
"frameSize": {
"description": "This property is used to set packet data size.",
"title": "Packet frame size",
"type": "integer"
},
"ipHeader": {
"$ref": "AntreaTraceflowIpHeader,
"description": "This property is used to set ipv4 header data.",
"title": "Ipv4 header configuration"
},
"ipv6Header": {
"$ref": "AntreaTraceflowIpv6Header,
"description": "This property is used to set ipv6 header data.",
"title": "Ipv6 header configuration"
},
"payload": {
"description": "This property is used to set payload data.",
"title": "Packet payload",
"type": "string"
},
"resourceType": {
"description": "This property is used to set resource type.",
"enum": [
"FIELDS_PACKET_DATA",
"BINARY_PACKET_DATA"
],
"title": "Packet resource type",
"type": "string"
},
"transportHeader": {
"$ref": "AntreaTraceflowTransportHeader,
"description": "This property is used to set transport header data.",
"title": "Transport header configuration"
},
"transportType": {
"description": "This property is used to set transport type.",
"enum": [
"UNICAST",
"MULTICAST",
"BROADCAST",
"UNKNOWN"
],
"title": "Transport type",
"type": "string"
}
},
"title": "Packet data for Antrea traceflow",
"type": "object"
}
AntreaTraceflowTcpHeader (type)
{
"description": "Tcp header stuffs for Antrea traceflow.",
"id": "AntreaTraceflowTcpHeader",
"module_id": "PolicyConnectivity",
"properties": {
"dstPort": {
"description": "Destination port number in TcpHeader.",
"title": "Destination port",
"type": "integer"
},
"srcPort": {
"description": "Source port number in TcpHeader.",
"title": "Source port",
"type": "integer"
},
"tcpFlags": {
"description": "Tcp flags in TcpHeader. SYN flag must be set for traceflow.",
"title": "Tcp flags",
"type": "integer"
}
},
"title": "TcpHeader for Antrea traceflow",
"type": "object"
}
AntreaTraceflowTransportHeader (type)
{
"description": "Transport header stuffs for Antrea traceflow.",
"id": "AntreaTraceflowTransportHeader",
"module_id": "PolicyConnectivity",
"properties": {
"icmpEchoRequestHeader": {
"$ref": "AntreaTraceflowIcmpEchoRequestHeader,
"description": "IcmpEchoRequest header stuffs for Antrea traceflow.",
"title": "IcmpEchoRequestHeader for Antrea traceflow"
},
"tcpHeader": {
"$ref": "AntreaTraceflowTcpHeader,
"description": "Tcp header stuffs for Antrea traceflow.",
"title": "TcpHeader for Antrea traceflow"
},
"udpHeader": {
"$ref": "AntreaTraceflowUdpHeader,
"description": "Udp header stuffs for Antrea traceflow.",
"title": "UdpHeader for Antrea traceflow"
}
},
"title": "TransportHeader for Antrea traceflow",
"type": "object"
}
AntreaTraceflowUdpHeader (type)
{
"description": "Udp header stuffs for Antrea traceflow.",
"id": "AntreaTraceflowUdpHeader",
"module_id": "PolicyConnectivity",
"properties": {
"dstPort": {
"description": "Destination port number in UdpHeader.",
"title": "Destination port",
"type": "integer"
},
"srcPort": {
"description": "Source port number in UdpHeader.",
"title": "Source port",
"type": "integer"
}
},
"title": "UdpHeader for Antrea traceflow",
"type": "object"
}
AphInfo (type)
{
"additionalProperties": false,
"description": "APH information.",
"id": "AphInfo",
"module_id": "SiteManagerModule",
"properties": {
"address": {
"required": true,
"title": "IP address of APH service",
"type": "string"
},
"certificate": {
"required": true,
"title": "PEM Certificate of APH service",
"type": "string"
},
"fqdn": {
"required": false,
"title": "FQDN, only returned by GET /sites and GET /sites/self",
"type": "string"
},
"node_id": {
"required": true,
"title": "Node ID of the APH service",
"type": "string"
},
"port": {
"required": true,
"title": "Port of APH service",
"type": "integer"
},
"use_fqdn": {
"required": false,
"title": "whether or not fqdn flag is on",
"type": "boolean"
},
"uuid": {
"required": true,
"title": "ID of the APH service",
"type": "string"
}
},
"title": "Apliance proxy hub information",
"type": "object"
}
ApiError (type)
{
"extends": {
"$ref": "RelatedApiError
},
"id": "ApiError",
"module_id": "Common",
"properties": {
"details": {
"title": "Further details about the error",
"type": "string"
},
"error_code": {
"title": "A numeric error code",
"type": "integer"
},
"error_data": {
"title": "Additional data about the error",
"type": "object"
},
"error_message": {
"title": "A description of the error",
"type": "string"
},
"module_name": {
"title": "The module name where the error occurred",
"type": "string"
},
"related_errors": {
"items": {
"$ref": "RelatedApiError
},
"title": "Other errors related to this error",
"type": "array"
}
},
"title": "Detailed information about an API Error",
"type": "object"
}
ApiRequestBody (type)
{
"additionalProperties": false,
"description": "API Request Body is an Event Source that represents an API request body that is being reveived as part of an API. Supported Request Bodies are those received as part of a PATCH/PUT/POST request.",
"extends": {
"$ref": "Source
},
"id": "ApiRequestBody",
"module_id": "PolicyReaction",
"polymorphic-type-descriptor": {
"type-identifier": "ApiRequestBody"
},
"properties": {
"resource_pointer": {
"description": "Regex path representing a regex expression on resources. This regex is used to identify the request body(ies) that is/are the source of the Event. For instance: specifying \"Lb* | /infra/tier-0s/vmc/ipsec-vpn-services/default\" as a source means that ANY resource starting with Lb or ANY resource with \"/infra/tier-0s/vmc/ipsec-vpn-services/default\" as path would be the source of the event in question.",
"required": true,
"title": "Resource Pointer",
"type": "string"
},
"resource_type": {
"description": "Event Source resource type.",
"enum": [
"ResourceOperation",
"ApiRequestBody"
],
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "API Request Body",
"type": "object"
}
ApiServiceConfig (type)
{
"additionalProperties": false,
"description": "Properties that affect the configuration of the NSX API service.",
"extends": {
"$ref": "ManagedResource
},
"id": "ApiServiceConfig",
"module_id": "ApiServiceConfig",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"basic_authentication_enabled": {
"default": true,
"description": "Identifies whether basic authentication is enabled or disabled in API calls.",
"title": "Enable or disable basic authentication",
"type": "boolean"
},
"cipher_suites": {
"description": "The TLS cipher suites that the API service will negotiate.",
"items": {
"$ref": "CipherSuite
},
"minItems": 1,
"title": "Cipher suites used to secure contents of connection",
"type": "array"
},
"client_api_concurrency_limit": {
"default": 40,
"description": "The maximum number of concurrent API requests that will be serviced for a given authenticated client. If the number of API requests being processed exceeds this limit, new API requests will be refused and a 503 Service Unavailable response will be returned to the client. To disable API concurrency limiting, set this value to 0.",
"minimum": 0,
"title": "Client API rate limit in calls",
"type": "integer"
},
"client_api_rate_limit": {
"default": 100,
"description": "The maximum number of API requests that will be serviced per second for a given authenticated client. If more API requests are received than can be serviced, a 429 Too Many Requests HTTP response will be returned. To disable API rate limiting, set this value to 0.",
"minimum": 0,
"title": "Client API rate limit in calls per second",
"type": "integer"
},
"connection_timeout": {
"default": 30,
"description": "NSX connection timeout, in seconds. To disable timeout, set to 0.",
"maximum": 2147483647,
"minimum": 0,
"title": "NSX connection timeout",
"type": "integer"
},
"cookie_based_authentication_enabled": {
"default": true,
"description": "Identifies whether cookie-based authentication is enabled or disabled in API calls. When cookie-based authentication is disabled, new sessions cannot be created via /api/session/create.",
"title": "Enable or disable cookie-based authentication",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"global_api_concurrency_limit": {
"default": 199,
"description": "The maximum number of concurrent API requests that will be serviced. If the number of API requests being processed exceeds this limit, new API requests will be refused and a 503 Service Unavailable response will be returned to the client. To disable API concurrency limiting, set this value to 0.",
"minimum": 0,
"title": "Global API rate limit in calls",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"lockout_immune_addresses": {
"description": "The list of IP addresses which are not subjected to a lockout on failed login attempts.",
"items": {
"$ref": "IPAddress
},
"title": "IP addresses which are not subject to lockout on failed login attempts",
"type": "array"
},
"protocol_versions": {
"description": "The TLS protocol versions that the API service will negotiate.",
"items": {
"$ref": "ProtocolVersion
},
"minItems": 1,
"title": "TLS protocol versions",
"type": "array"
},
"redirect_host": {
"$ref": "HostnameOrIPv4AddressOrEmptyString,
"default": "",
"description": "Host name or IP address to use for redirect location headers, or empty string to derive from current request. To disable, set redirect_host to the empty string (\"\").",
"title": "Hostname/IP to use in redirect headers"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"session_timeout": {
"default": 1800,
"descriptions": "Sessions inactive for more than this value are terminated. The value is given in seconds. Set to 0 to disable timeouts.",
"maximum": 2147483647,
"minimum": 0,
"title": "NSX session inactivity timeout",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Configuration of the API service",
"type": "object"
}
ApplianceManagementSuppressRedirectQueryParameter (type)
{
"additionalProperties": false,
"id": "ApplianceManagementSuppressRedirectQueryParameter",
"properties": {
"suppress_redirect": {
"default": false,
"description": "Do not return a redirect HTTP status.",
"title": "Suppress redirect status if applicable",
"type": "boolean"
}
},
"type": "object"
}
ApplianceManagementTaskListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ApplianceManagementTaskListResult",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ApplianceManagementTaskProperties
},
"required": true,
"title": "Task property results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Appliance management task query results",
"type": "object"
}
ApplianceManagementTaskProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "ApplianceManagementTaskProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"async_response_available": {
"readonly": true,
"title": "True if response for asynchronous request is available",
"type": "boolean"
},
"cancelable": {
"readonly": true,
"title": "True if this task can be canceled",
"type": "boolean"
},
"description": {
"readonly": true,
"title": "Description of the task",
"type": "string"
},
"details": {
"readonly": true,
"title": "Details about the task if known",
"type": "object"
},
"end_time": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "The end time of the task in epoch milliseconds"
},
"id": {
"pattern": "^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}_[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$",
"readonly": true,
"title": "Identifier for this task",
"type": "string"
},
"message": {
"readonly": true,
"title": "A message describing the disposition of the task",
"type": "string"
},
"progress": {
"maximum": 100,
"minimum": 0,
"readonly": true,
"title": "Task progress if known, from 0 to 100",
"type": "integer"
},
"request_method": {
"readonly": true,
"title": "HTTP request method",
"type": "string"
},
"request_uri": {
"readonly": true,
"title": "URI of the method invocation that spawned this task",
"type": "string"
},
"start_time": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "The start time of the task in epoch milliseconds"
},
"status": {
"$ref": "ApplianceManagementTaskStatus,
"readonly": true,
"title": "Current status of the task"
},
"user": {
"readonly": true,
"title": "Name of the user who created this task",
"type": "string"
}
},
"title": "Appliance management task properties",
"type": "object"
}
ApplianceManagementTaskQueryParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResultQueryParameters
},
"id": "ApplianceManagementTaskQueryParameters",
"properties": {
"fields": {
"description": "Comma-separated field names to include in query result",
"title": "Fields to include in query results",
"type": "string"
},
"request_method": {
"description": "Comma-separated request methods to include in query result",
"pattern": "^(=|!=|~|!~)?.+$",
"title": "Request method(s) to include in query result",
"type": "string"
},
"request_path": {
"description": "Comma-separated request paths to include in query result",
"pattern": "^(=|!=|~|!~)?.+$",
"title": "Request URI path(s) to include in query result",
"type": "string"
},
"request_uri": {
"description": "Comma-separated request URIs to include in query result",
"pattern": "^(=|!=|~|!~)?.+$",
"title": "Request URI(s) to include in query result",
"type": "string"
},
"status": {
"description": "Comma-separated status values to include in query result",
"pattern": "^(=|!=|~|!~)?.+$",
"title": "Status(es) to include in query result",
"type": "string"
},
"user": {
"description": "Comma-separated user names to include in query result",
"pattern": "^(=|!=|~|!~)?.+$",
"title": "Names of users to include in query result",
"type": "string"
}
},
"type": "object"
}
ApplianceManagementTaskStatus (type)
{
"enum": [
"running",
"error",
"success",
"canceling",
"canceled",
"killed"
],
"id": "ApplianceManagementTaskStatus",
"title": "Current status of the appliance management task",
"type": "string"
}
ApplicationConnectivityStrategy (type)
{
"additionalProperties": false,
"description": "Allows more granular policies for application workloads",
"id": "ApplicationConnectivityStrategy",
"module_id": "Policy",
"properties": {
"application_connectivity_strategy": {
"description": "App connectivity strategies",
"enum": [
"ALLOW_INTRA",
"ALLOW_EGRESS",
"ALLOW_INGRESS",
"DROP_INGRESS",
"DROP_EGRESS"
],
"required": true,
"title": "Application connectivity strategy",
"type": "string"
},
"default_application_rule_id": {
"description": "Based on the value of the app connectivity strategy, a default rule is created for the security policy. The rule id is internally assigned by the system for this default rule.",
"readonly": true,
"required": false,
"title": "Default rule ID associated with the application_connectivity_strategy",
"type": "integer"
},
"logging_enabled": {
"default": false,
"description": "Flag to enable packet logging. Default is disabled.",
"readonly": false,
"required": false,
"title": "Enable logging flag",
"type": "boolean"
}
},
"title": "Application specific connectivity strategy",
"type": "object"
}
ApplyCertificateParameters (type)
{
"additionalProperties": false,
"id": "ApplyCertificateParameters",
"module_id": "CertificateManager",
"properties": {
"node_id": {
"description": "Optional node-id to which to apply the certificate. The cluster_certificate field of the matching Certificate Profile must be false, as those get applied to all nodes.",
"maxLength": 255,
"readonly": false,
"required": false,
"title": "Node Id",
"type": "string"
},
"service_type": {
"$ref": "ServiceType,
"description": "Service Type of the CertificateProfile to apply the certificate to.",
"required": true,
"title": "Service Type"
}
},
"type": "object"
}
ArpHeader (type)
{
"additionalProperties": false,
"id": "ArpHeader",
"module_id": "Traceflow",
"properties": {
"dst_ip": {
"$ref": "IPv4Address,
"required": true,
"title": "The destination IP address"
},
"op_code": {
"default": "ARP_REQUEST",
"description": "This field specifies the nature of the Arp message being sent.",
"enum": [
"ARP_REQUEST",
"ARP_REPLY"
],
"required": true,
"title": "Arp message type",
"type": "string"
},
"src_ip": {
"$ref": "IPv4Address,
"description": "This field specifies the IP address of the sender. If omitted, the src_ip is set to 0.0.0.0.",
"required": false,
"title": "The source IP address"
}
},
"type": "object"
}
ArpSnoopingConfig (type)
{
"additionalProperties": false,
"description": "Contains ARP snooping related configuration.",
"id": "ArpSnoopingConfig",
"module_id": "PolicyIpDiscovery",
"properties": {
"arp_binding_limit": {
"default": 1,
"description": "Number of arp snooped IP addresses Indicates the number of arp snooped IP addresses to be remembered per LogicalPort. Decreasing this value, will retain the latest bindings from the existing list of address bindings. Increasing this value will retain existing bindings and also learn any new address bindings discovered on the port until the new limit is reached.",
"maximum": 256,
"minimum": 1,
"required": false,
"title": "Maximum number of ARP bindings",
"type": "int"
},
"arp_snooping_enabled": {
"default": true,
"description": "Indicates whether ARP snooping is enabled",
"required": false,
"title": "Is ARP snooping enabled or not",
"type": "boolean"
}
},
"title": "ARP Snooping Configuration",
"type": "object"
}
ArpTableRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "BaseEdgeStatisticsRequestParameters
},
"id": "ArpTableRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"edge_path": {
"description": "Policy path of edge node. Edge node must be member of enforcement point. Edge path is required when interface specified is either service or loopback interface.",
"title": "Policy path of edge node",
"type": "string"
},
"enforcement_point_path": {
"description": "String Path of the enforcement point. When not specified, routes from all enforcement-points are returned. This property is required for retrieving routes in CSV format.",
"title": "Enforcement point path",
"type": "string"
},
"host_transport_node_path": {
"description": "Policy path of host transport node. In case of API used from Global Manager, use the HostTransportNode path from Local Manager.",
"title": "Policy path of host transport node",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Routes request parameters",
"type": "object"
}
AttachedInterfaceEntry (type)
{
"additionalProperties": false,
"description": "The Attached interface is only effective for the segment port on Bare metal server.",
"id": "AttachedInterfaceEntry",
"module_id": "PolicyConnectivity",
"properties": {
"app_intf_name": {
"required": true,
"title": "The name of application interface",
"type": "string"
},
"default_gateway": {
"$ref": "IPAddress,
"required": false,
"title": "Gateway IP"
},
"migrate_intf": {
"description": "IP configuration on migrate_intf will migrate to app_intf_name. It is used for Management and Application sharing the same IP.",
"required": false,
"title": "Interface name to migrate",
"type": "string"
},
"routing_table": {
"items": {
"type": "string"
},
"required": false,
"title": "Routing rules",
"type": "array"
}
},
"title": "Attached interface information for Bare metal server",
"type": "object"
}
Attribute (type)
{
"description": "Attribute specific to a partner. There attributes are passed on to the partner appliance and is opaque to the NSX Manager. The Attributes used by the partner applicance.",
"id": "Attribute",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"attribute_type": {
"description": "Attribute Type can be of any of the allowed enum type.",
"enum": [
"IP_ADDRESS",
"PORT",
"PASSWORD",
"STRING",
"LONG",
"BOOLEAN"
],
"readonly": false,
"required": false,
"title": "Attributetype.",
"type": "string"
},
"display_name": {
"description": "Attribute display name string value.",
"readonly": false,
"required": false,
"title": "Display name",
"type": "string"
},
"key": {
"description": "Attribute key string value.",
"readonly": false,
"required": true,
"title": "key",
"type": "string"
},
"read_only": {
"default": false,
"description": "Read only Attribute cannot be overdidden by service instance/deployment.",
"readonly": false,
"required": false,
"title": "read only",
"type": "boolean"
},
"value": {
"description": "Attribute value string value.",
"readonly": false,
"required": false,
"title": "value",
"type": "string"
}
},
"title": "Attributes",
"type": "object"
}
AttributeVal (type)
{
"description": "Contains type specific properties of generic realized entity",
"id": "AttributeVal",
"module_id": "PolicyRealizedState",
"properties": {
"data_type": {
"description": "Datatype of the property",
"enum": [
"STRING",
"DATE",
"INTEGER",
"BOOLEAN"
],
"readonly": true,
"required": true,
"title": "Datatype of property represented by this attribute",
"type": "string"
},
"key": {
"description": "Attribute key",
"required": false,
"title": "Key for the attribute value",
"type": "string"
},
"multivalue": {
"description": "If attribute has a single value or collection of values",
"readonly": true,
"title": "multivalue flag",
"type": "boolean"
},
"values": {
"description": "List of attribute values",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of values for the attribute",
"type": "array"
}
},
"title": "Attribute values of realized type",
"type": "object"
}
AuthenticationPolicyProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "AuthenticationPolicyProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"api_failed_auth_lockout_period": {
"default": 900,
"description": "Once a lockout occurs, the account remains locked out of the API for this time period. Only applies to NSX Manager nodes. Ignored on other node types.",
"minimum": 0,
"title": "Lockout period in seconds",
"type": "integer"
},
"api_failed_auth_reset_period": {
"default": 900,
"description": "In order to trigger an account lockout, all authentication failures must occur in this time window. If the reset period expires, the failed login count is reset to zero. Only applies to NSX Manager nodes. Ignored on other node types.",
"minimum": 0,
"title": "Period, in seconds, for authentication failures to trigger lockout",
"type": "integer"
},
"api_max_auth_failures": {
"default": 5,
"description": "Only applies to NSX Manager nodes. Ignored on other node types.",
"minimum": 0,
"title": "Number of authentication failures that trigger API lockout",
"type": "integer"
},
"cli_failed_auth_lockout_period": {
"default": 900,
"description": "Once a lockout occurs, the account remains locked out of the CLI for this time period. While the lockout period is in effect, additional authentication attempts restart the lockout period, even if a valid password is specified.",
"minimum": 0,
"title": "Lockout period in seconds",
"type": "integer"
},
"cli_max_auth_failures": {
"default": 5,
"minimum": 0,
"title": "Number of authentication failures that trigger CLI lockout",
"type": "integer"
},
"minimum_password_length": {
"default": 8,
"minimum": 8,
"title": "Minimum number of characters required in account passwords",
"type": "integer"
}
},
"title": "Configuration of authentication policies for the NSX node",
"type": "object"
}
AuthenticationScheme (type)
{
"additionalProperties": {},
"id": "AuthenticationScheme",
"properties": {
"scheme_name": {
"required": true,
"title": "Authentication scheme name",
"type": "string"
}
},
"type": "object"
}
AutoRds (type)
{
"description": "This object holds auto assigned route distinguishers for Layer 2 and Layer 3 configurations.",
"id": "AutoRds",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"l2_auto_rds": {
"items": {
"$ref": "L2AutoRD
},
"title": "List of layer 2 Auto assigned Route Distinguisher",
"type": "array"
},
"l3_auto_rd": {
"description": "This field is auto assigned by the system. The auto RD seed is populated when user does not assign a route_distinguisher field in the gateway.",
"title": "Layer 3 Auto assigned Route Distinguisher",
"type": "string"
}
},
"title": "Auto assigned Route Distinguishers",
"type": "object"
}
AviConnectionInfo (type)
{
"additionalProperties": false,
"description": "Credential info to connect to a AVI type of enforcement point.",
"extends": {
"$ref": "EnforcementPointConnectionInfo
},
"id": "AviConnectionInfo",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "AviConnectionInfo"
},
"properties": {
"cloud": {
"deprecated": true,
"description": "Clouds are containers for the environment that Avi Vantage is installed or operating within. During initial setup of Vantage, a default cloud, named Default-Cloud, is created. This is where the first Controller is deployed, into Default-Cloud. Additional clouds may be added, containing SEs and virtual services. This is a deprecated property. Cloud has been renamed to cloud_name and it will added from specific ALB entity.",
"required": false,
"sensitive": false,
"title": "Cloud",
"type": "string"
},
"enforcement_point_address": {
"description": "Value of this property could be Hostname or IP. For instance: - On an NSX-T MP running on default port, the value could be \"10.192.1.1\" - On an NSX-T MP running on custom port, the value could be \"192.168.1.1:32789\" - On an NSX-T MP in VMC deployments, the value could be \"192.168.1.1:5480/nsxapi\"",
"required": true,
"title": "Enforcement Point Address",
"type": "string"
},
"expires_at": {
"description": "Expiry time of the token will be set by LCM at the time of Enforcement Point Creation.",
"required": false,
"title": "Expiry time of the token",
"type": "string"
},
"managed_by": {
"description": "Managed by used when on-borading workflow created by LCM/VCF.",
"required": false,
"title": "Managed by used when on-borading workflow created by LCM/VCF.",
"type": "string"
},
"password": {
"description": "Password or Token for Avi Controller.",
"required": true,
"sensitive": true,
"title": "Password or Token for Avi Controller",
"type": "string"
},
"resource_type": {
"description": "Resource Type of Enforcement Point Connection Info.",
"enum": [
"NSXTConnectionInfo",
"NSXVConnectionInfo",
"CvxConnectionInfo",
"AviConnectionInfo"
],
"required": true,
"title": "Connection Info Resource Type",
"type": "string"
},
"tenant": {
"description": "A tenant is an isolated instance of Avi Controller. Each Avi user account is associated with one or more tenants. The tenant associated with a user account defines the resources that user can access within Avi Vantage. When a user logs in, Avi restricts their access to only those resources that are in the same tenant",
"required": true,
"sensitive": false,
"title": "Tenant",
"type": "string"
},
"thumbprint": {
"description": "Thumbprint of EnforcementPoint in the form of a SHA-256 hash represented in lower case HEX.",
"required": false,
"title": "Thumbprint of Enforcement Point",
"type": "string"
},
"username": {
"description": "Username.",
"required": true,
"sensitive": true,
"title": "Username",
"type": "string"
},
"version": {
"deprecated": true,
"description": "Avi supports API versioning for backward compatibility with automation scripts written for an object model older than the current one. Such scripts need not be updated to keep up with object model changes This is a deprecated property. The version is now auto populated from property file and its value can be read using APIs",
"required": false,
"sensitive": false,
"title": "Version",
"type": "string"
}
},
"title": "Avi Connection Info",
"type": "object"
}
Axes (type)
{
"additionalProperties": false,
"description": "Represents X and Y axes of a graph. For a multi-graph, the same axes are shared by all the graphs.",
"id": "Axes",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"x_label": {
"$ref": "Label,
"decription": "Describes the X axis of a graph. If x_label is not specified, the label will not appear for X axis. To have a support for mulitple condition use 'x-labels' property.",
"title": "Label for X axis of a graph"
},
"x_labels": {
"description": "A list of X-Axis Labels with condition support. If needed, this property can be used to provide a list of x-axis label with condition support. For a label with single condition,'x-label' property can be used.",
"items": {
"$ref": "Label
},
"minItems": 0,
"title": "A list of X-Axis Labels with condition support.",
"type": "array"
},
"y_axis_unit_labels": {
"description": "A list of Y-Axis unit Labels with condition support. If needed, this property can be used to provide a list of y-axis unit label with condition support. This unit label can be used to display the point value along with units like percentage, milliseconds etc.",
"items": {
"$ref": "Label
},
"minItems": 0,
"title": "A list of Y-Axis unit Labels with condition support.",
"type": "array"
},
"y_axis_units": {
"description": "A list of Y-Axis unit with condition support. If needed, this property can be used to provide a list of y-axis unit with condition support. This unit could be like percentage, seconds, milliseconds etc.",
"items": {
"$ref": "AxisUnit
},
"minItems": 0,
"title": "A list of Y-Axis unit with condition support.",
"type": "array"
},
"y_label": {
"$ref": "Label,
"decription": "Describes the Y axis of a graph. If y_label is not specified, the label will not appear for Y axis.",
"title": "Label for Y axis of a graph"
},
"y_labels": {
"description": "A list of Y-Axis Labels with condition support. If needed, this property can be used to provide a list of y-axis label with condition support. For a label with single condition,'y-label' property can be used.",
"items": {
"$ref": "Label
},
"minItems": 0,
"title": "A list of Y-Axis Labels with condition support.",
"type": "array"
}
},
"title": "Axes of a graph",
"type": "object"
}
AxisUnit (type)
{
"additionalProperties": false,
"description": "Represents X and Y axis unit of a graph.",
"id": "AxisUnit",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"condition": {
"description": "If the condition is met then the above unit will be displayed. to UI. If no condition is provided, then the unit will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"unit": {
"description": "An Axis unit.",
"enum": [
"COUNT",
"PERCENT",
"BYTES",
"MILLISECONDS",
"SECONDS",
"MINUTE",
"HOUR",
"DAY",
"KILO_BYTES",
"MEGA_BYTES",
"GIGA_BYTES"
],
"title": "An Axis unit.",
"type": "string"
}
},
"title": "Axis unit of a graph",
"type": "object"
}
BackupConfiguration (type)
{
"additionalProperties": false,
"id": "BackupConfiguration",
"module_id": "BackupConfiguration",
"properties": {
"after_inventory_update_interval": {
"maximum": 86400,
"minimum": 300,
"required": false,
"title": "A number of seconds after a last backup, that needs to pass, before a topology change will trigger a generation of a new cluster/node backups. If parameter is not provided, then changes in a topology will not trigger a generation of cluster/node backups.",
"type": "integer"
},
"backup_enabled": {
"default": false,
"title": "true if automated backup is enabled",
"type": "boolean"
},
"backup_schedule": {
"$ref": "BackupSchedule,
"title": "Set when backups should be taken - on a weekly schedule or at regular intervals."
},
"inventory_summary_interval": {
"default": 240,
"maximum": 3600,
"minimum": 30,
"title": "The minimum number of seconds between each upload of the inventory summary to backup server.",
"type": "integer"
},
"passphrase": {
"description": "Passphrase used to encrypt backup files. The passphrase specified must be at least 8 characters in length and must contain at least one lowercase, one uppercase, one numeric character and one special character (any other non-space character).",
"pattern": "^$|^(?=.*[a-z])(?=.*[A-Z])(?=.*\\d)(?=.*[^a-zA-Z\\d\\s]).{8,}$",
"sensitive": true,
"title": "Passphrase used to encrypt backup files.",
"type": "string",
"validation_msg_key": "com.vmware.nsx.validation.constraints.BackupRestore.weak_passprase.message"
},
"remote_file_server": {
"$ref": "RemoteFileServer,
"required": false,
"title": "The server to which backups will be sent."
}
},
"title": "Configuration for taking manual/automated backup",
"type": "object"
}
BackupFrameRequestParameters (type)
{
"additionalProperties": false,
"description": "Parameters (site_id, etc), that describes a backup/restore frame",
"id": "BackupFrameRequestParameters",
"module_id": "BackupConfiguration",
"properties": {
"frame_type": {
"default": "LOCAL_LOCAL_MANAGER",
"description": "This attribute is used to indicate the service on current site or other site for which backup is handled in a frame. LOCAL_LOCAL_MANAGER corresponds to local LM of the site. LOCAL_MANAGER cprresponds to LM of other site.",
"enum": [
"GLOBAL_MANAGER",
"LOCAL_MANAGER",
"LOCAL_LOCAL_MANAGER",
"NSX_INTELLIGENCE"
],
"readonly": true,
"required": false,
"title": "Frame type",
"type": "string"
},
"site_id": {
"default": "localhost",
"description": "Site ID of LM site, which will be supported in a frame",
"required": false,
"title": "Site ID",
"type": "string"
}
},
"title": "Backup Frame Request Parameters",
"type": "object"
}
BackupOperationHistory (type)
{
"additionalProperties": false,
"id": "BackupOperationHistory",
"module_id": "BackupConfiguration",
"properties": {
"cluster_backup_statuses": {
"items": {
"$ref": "BackupOperationStatus
},
"required": false,
"title": "Statuses of previous cluser backups",
"type": "array"
},
"inventory_backup_statuses": {
"items": {
"$ref": "BackupOperationStatus
},
"required": false,
"title": "Statuses of previous inventory backups",
"type": "array"
},
"node_backup_statuses": {
"items": {
"$ref": "BackupOperationStatus
},
"required": false,
"title": "Statuses of previous node backups",
"type": "array"
}
},
"title": "Past backup operation details",
"type": "object"
}
BackupOperationStatus (type)
{
"additionalProperties": false,
"id": "BackupOperationStatus",
"module_id": "BackupConfiguration",
"properties": {
"backup_id": {
"required": true,
"title": "Unique identifier of a backup",
"type": "string"
},
"end_time": {
"$ref": "EpochMsTimestamp,
"required": false,
"title": "Time when operation was ended"
},
"error_code": {
"enum": [
"BACKUP_NOT_RUN_ON_MASTER",
"BACKUP_SERVER_UNREACHABLE",
"BACKUP_AUTHENTICATION_FAILURE",
"BACKUP_PERMISSION_ERROR",
"BACKUP_TIMEOUT",
"BACKUP_BAD_FINGERPRINT",
"BACKUP_GENERIC_ERROR",
"UPGRADE_IN_PROGRESS"
],
"required": false,
"title": "Error code",
"type": "string"
},
"error_message": {
"required": false,
"title": "Error code details",
"type": "string"
},
"start_time": {
"$ref": "EpochMsTimestamp,
"required": false,
"title": "Time when operation was started"
},
"success": {
"required": true,
"title": "True if backup is successfully completed, else false",
"type": "boolean"
}
},
"readOnly": true,
"title": "Backup operation status",
"type": "object"
}
BackupOverview (type)
{
"description": "Data for a single backup/restore card",
"extends": {
"$ref": "ClusterBackupInfoListResult
},
"id": "BackupOverview",
"module_id": "BackupConfiguration",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"backup_config": {
"$ref": "BackupConfiguration,
"description": "Configuration to generate a manual/automated backup",
"required": true,
"title": "Backup configuration"
},
"backup_operation_history": {
"$ref": "BackupOperationHistory,
"description": "Status of the last backup execution per component",
"required": true,
"title": "Last backup status"
},
"current_backup_operation_status": {
"$ref": "CurrentBackupOperationStatus,
"description": "Backup status decribes type, phase, success/failure and time of a | latest backup execution",
"required": true,
"title": "Current backup status"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"restore_status": {
"$ref": "ClusterRestoreStatus,
"description": "Status of restore process executing/executed on appliance",
"required": true,
"title": "Current restore status"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ClusterBackupInfo
},
"readonly": true,
"required": true,
"title": "List of timestamps of backed-up cluster files",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Backup overview",
"type": "object"
}
BackupOverviewRequestParameters (type)
{
"description": "Parameters, that REST API client needs to provide, in order to get data for a backup/restore card with or without a list of generated backups.",
"extends": {
"$ref": "ListRequestParameters
},
"id": "BackupOverviewRequestParameters",
"module_id": "BackupConfiguration",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"frame_type": {
"default": "LOCAL_LOCAL_MANAGER",
"description": "This attribute is used to indicate the service on current site or other site for which backup is handled in a frame. LOCAL_LOCAL_MANAGER corresponds to local LM of the site. LOCAL_MANAGER cprresponds to LM of other site.",
"enum": [
"GLOBAL_MANAGER",
"LOCAL_MANAGER",
"LOCAL_LOCAL_MANAGER",
"NSX_INTELLIGENCE"
],
"readonly": true,
"required": false,
"title": "Frame type",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"show_backups_list": {
"default": true,
"description": "True to request a list of backups",
"required": false,
"title": "Need a list of backups",
"type": "boolean"
},
"site_id": {
"default": "localhost",
"description": "UUID of LM site, which will be supported in a frame",
"required": false,
"title": "UUID of the site",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Backup overview request parameters",
"type": "object"
}
BackupSchedule (type)
{
"abstract": true,
"id": "BackupSchedule",
"module_id": "BackupConfiguration",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"enum": [
"WeeklyBackupSchedule",
"IntervalBackupSchedule"
],
"required": true,
"title": "Schedule type",
"type": "string"
}
},
"title": "Abstract base type for Weekly or Interval Backup Schedule",
"type": "object"
}
BackupUiFramesInfo (type)
{
"id": "BackupUiFramesInfo",
"properties": {
"active_gm": {
"enum": [
"ACTIVE",
"STANDBY",
"NONE",
"INVALID"
],
"readonly": true,
"required": false,
"title": "Does site have active GM",
"type": "string"
},
"api_endpoint": {
"enum": [
"global-manager",
"nsxapi",
"ica"
],
"readonly": true,
"required": true,
"title": "prefix to be used for api call",
"type": "string"
},
"frame_type": {
"enum": [
"GLOBAL_MANAGER",
"LOCAL_MANAGER",
"LOCAL_LOCAL_MANAGER",
"NSX_INTELLIGENCE"
],
"help_detail": "This attribute is used to indicate the service on current\nsite or other site for which backup is handled.\nLOCAL_LOCAL_MANAGER corresponds to local LM of the site.\nLOCAL_MANAGER cprresponds to LM of other site.\n",
"readonly": true,
"required": true,
"title": "Type of service, for which backup is handled",
"type": "string"
},
"site_id": {
"readonly": true,
"required": true,
"title": "Id of the site",
"type": "string"
},
"site_version": {
"readonly": true,
"required": true,
"title": "Version of the site",
"type": "string"
}
},
"type": "object"
}
BackupUiFramesInfoList (type)
{
"id": "BackupUiFramesInfoList",
"properties": {
"backup_frames_list": {
"items": {
"$ref": "BackupUiFramesInfo
},
"readonly": true,
"required": true,
"title": "List of backup frames(and metadata) to be displayed in UI",
"type": "array"
}
},
"type": "object"
}
BaseConsolidatedStatusPerEnforcementPoint (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Consolidated Realized Status Per Enforcement Point.",
"extends": {
"$ref": "PolicyRuntimeInfoPerEP
},
"id": "BaseConsolidatedStatusPerEnforcementPoint",
"module_id": "PolicyRealizedState",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"consolidated_status": {
"$ref": "ConsolidatedStatus,
"description": "Consolidated Realized Status of an Intent object per enforcement point.",
"readonly": true,
"title": "Consolidated Realized Status"
},
"enforcement_point_id": {
"description": "Enforcement Point Id.",
"readonly": true,
"title": "Enforcement Point Id",
"type": "string"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"resource_type": {
"required": true,
"type": "string"
},
"site_path": {
"description": "The site where this enforcement point resides.",
"readonly": true,
"title": "Site Path",
"type": "string"
}
},
"title": "Base class for ConsolidatedStatusPerEnforcementPoint",
"type": "object"
}
BaseEdgeStatisticsRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "BaseListRequestParameters
},
"id": "BaseEdgeStatisticsRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"edge_path": {
"description": "Policy path of edge node. Edge node must be member of enforcement point. Edge path is required when interface specified is either service or loopback interface.",
"title": "Policy path of edge node",
"type": "string"
},
"enforcement_point_path": {
"description": "String Path of the enforcement point. When not specified, routes from all enforcement-points are returned. This property is required for retrieving routes in CSV format.",
"title": "Enforcement point path",
"type": "string"
},
"host_transport_node_path": {
"description": "Policy path of host transport node. In case of API used from Global Manager, use the HostTransportNode path from Local Manager.",
"title": "Policy path of host transport node",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Routes request parameters",
"type": "object"
}
BaseEndpoint (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Represents an endpoint which will be used as subject in rule. It is a polymorphic type object which can be either of the types - 1. Virtual 2. Logical We have 2 separate objects representing these 2 types. VirtualEndPoint for Virtual type and ServiceInstanceEndpoint for Logical.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "BaseEndpoint",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"enum": [
"VirtualEndpoint",
"ServiceInstanceEndpoint"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"target_ips": {
"description": "IPs where either inbound or outbound traffic is to be redirected.",
"items": {
"$ref": "IPInfo
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "IP addresses to redirect the traffic to",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "An endpoint to be used in redirection rule",
"type": "object"
}
BaseListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "BaseListRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "String Path of the enforcement point. When not specified, routes from all enforcement-points are returned. This property is required for retrieving routes in CSV format.",
"title": "Enforcement point path",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Routes request parameters",
"type": "object"
}
BasePolicyServiceInstance (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Represents an instance of partner Service and its configuration.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "BasePolicyServiceInstance",
"module_id": "PolicyServiceInsertion",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"deployment_mode": {
"default": "ACTIVE_STANDBY",
"description": "Deployment mode specifies how the partner appliance will be deployed i.e. in HA or standalone mode.",
"enum": [
"STAND_ALONE",
"ACTIVE_STANDBY"
],
"readonly": false,
"required": false,
"title": "Deployment Mode",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"partner_service_name": {
"description": "Unique name of Partner Service in the Marketplace",
"required": true,
"title": "Name of Partner Service",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_type": {
"default": "L2_BRIDGE",
"description": "Transport to be used while deploying Service-VM.",
"enum": [
"L2_BRIDGE",
"L3_ROUTED"
],
"readonly": false,
"required": false,
"title": "Transport Type",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Represents an instance of partner Service and its configuration",
"type": "object"
}
BaseRule (type)
{
"additionalProperties": false,
"description": "A rule indicates the action to be performed for various types of traffic flowing between workload groups.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "BaseRule",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destination_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Destination group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"destinations_excluded": {
"default": false,
"description": "If set to true, the rule gets applied on all the groups that are NOT part of the destination groups. If false, the rule applies to the destination groups",
"readonly": false,
"required": false,
"title": "Negation of destination groups",
"type": "boolean"
},
"direction": {
"default": "IN_OUT",
"description": "Define direction of traffic.",
"enum": [
"IN",
"OUT",
"IN_OUT"
],
"required": false,
"title": "Direction",
"type": "string"
},
"disabled": {
"default": false,
"description": "Flag to disable the rule. Default is enabled.",
"readonly": false,
"required": false,
"title": "Flag to disable the rule",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_protocol": {
"description": "Type of IP packet that should be matched while enforcing the rule. The value is set to IPV4_IPV6 for Layer3 rule if not specified. For Layer2/Ether rule the value must be null.",
"enum": [
"IPV4",
"IPV6",
"IPV4_IPV6"
],
"readonly": false,
"required": false,
"title": "IPv4 vs IPv6 packet type",
"type": "string"
},
"is_default": {
"description": "A flag to indicate whether rule is a default rule.",
"readonly": true,
"required": false,
"title": "Default rule flag",
"type": "boolean"
},
"logged": {
"default": false,
"description": "Flag to enable packet logging. Default is disabled.",
"readonly": false,
"required": false,
"title": "Enable logging flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"notes": {
"description": "Text for additional notes on changes.",
"maxLength": 2048,
"readonly": false,
"required": false,
"title": "Text for additional notes on changes",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profiles": {
"description": "Holds the list of layer 7 service profile paths. These profiles accept attributes and sub-attributes of various network services (e.g. L4 AppId, encryption algorithm, domain name, etc) as key value pairs. Instead of Layer 7 service profiles you can use a L7 access profile. One of either Layer 7 service profiles or L7 Access Profile can be used in firewall rule. In case of L7 access profile only one is allowed.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Layer 7 service profiles or TLS action profile",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_CONTEXT_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyContextProfile"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_CONTEXT_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyContextProfile"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_IDS_PROFILE_RELATIONSHIP",
"rightType": [
"IdsProfile",
"IdsProfile"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_id": {
"description": "This is a unique 4 byte positive number that is assigned by the system. This rule id is passed all the way down to the data path. The first 1GB (1000 to 2^30) will be shared by GM and LM with zebra style striped number space. For E.g 1000 to (1Million -1) by LM, (1M - 2M-1) by GM and so on.",
"readonly": true,
"required": false,
"title": "Unique rule ID",
"type": "integer"
},
"scope": {
"description": "The list of policy paths where the rule is applied LR/Edge/T0/T1/LRP etc. Note that a given rule can be applied on multiple LRs/LRPs.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier0Interface",
"Tier1Interface",
"Tier0",
"Tier1",
"IPSecVpnSession",
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier1Interface",
"Tier0",
"Tier1Interface",
"Tier1",
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier1Interface",
"Tier0",
"Tier1Interface",
"Tier1",
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between multiple Rules under Security or Gateway Policy for a Domain If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple rules with the same sequence number then their order is not deterministic. If a specific order of rules is desired, then one has to specify unique sequence numbers or use the POST request on the rule entity with a query parameter action=revise to let the framework assign a sequence number",
"minimum": 0,
"required": false,
"title": "Sequence number of the this Rule",
"type": "int"
},
"service_entries": {
"description": "In order to specify raw services this can be used, along with services which contains path to services. This can be empty or null.",
"items": {
"$ref": "ServiceEntry
},
"maxItems": 128,
"required": false,
"title": "Raw services",
"type": "array"
},
"services": {
"description": "In order to specify all services, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the services array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Names of services",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"source_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Source group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"sources_excluded": {
"default": false,
"description": "If set to true, the rule gets applied on all the groups that are NOT part of the source groups. If false, the rule applies to the source groups",
"readonly": false,
"required": false,
"title": "Negation of source groups",
"type": "boolean"
},
"tag": {
"description": "User level field which will be printed in CLI and packet logs. Even though there is no limitation on length of a tag, internally tag will get truncated after 32 characters.",
"required": false,
"title": "Tag applied on the rule",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "A rule represent base properties for ,dfw, forwarding, redirection rule",
"type": "object"
}
BaseRuleListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "BaseRuleListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Rules",
"type": "object"
}
BaseTier0Interface (type)
{
"additionalProperties": false,
"description": "Tier-0 interface configuration for external connectivity.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "BaseTier0Interface",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"dhcp_relay_path": {
"description": "Policy path of dhcp-relay-config to be attached to this Interface.",
"required": false,
"title": "policy path of referenced dhcp-relay-config",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier0Interface",
"Tier1Interface"
],
"relationshipType": "DHCP_RELAY_CONFIG_RELATIONSHIP",
"rightType": [
"DhcpRelayConfig"
]
}
]
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"subnets": {
"description": "Specify IP address and network prefix for interface.",
"items": {
"$ref": "InterfaceSubnet
},
"minItems": 1,
"required": true,
"title": "IP address and subnet specification for interface",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Tier-0 interface configuration",
"type": "object"
}
BasicAuthenticationScheme (type)
{
"additionalProperties": false,
"extends": {
"$ref": "AuthenticationScheme
},
"id": "BasicAuthenticationScheme",
"properties": {
"password": {
"required": true,
"sensitive": true,
"title": "Password to authenticate with",
"type": "string"
},
"scheme_name": {
"enum": [
"basic"
],
"required": true,
"title": "Authentication scheme name",
"type": "string"
},
"username": {
"pattern": "^.+$",
"required": true,
"title": "User name to authenticate with",
"type": "string"
}
},
"type": "object"
}
BatchParameter (type)
{
"id": "BatchParameter",
"module_id": "Common",
"properties": {
"atomic": {
"default": false,
"description": "This flag is ignored. Transactional atomicity is no longer supported.",
"required": false,
"title": "Ignored (transactional atomicity flag)",
"type": "boolean"
}
},
"title": "Options that affect how batch operations are processed",
"type": "object"
}
BatchRequest (type)
{
"id": "BatchRequest",
"module_id": "Common",
"properties": {
"continue_on_error": {
"default": true,
"description": "Continue even if an error is encountered.",
"required": false,
"type": "boolean"
},
"requests": {
"items": {
"$ref": "BatchRequestItem
},
"sensitive": true,
"type": "array"
}
},
"title": "A set of operations to be performed in a single batch",
"type": "object"
}
BatchRequestItem (type)
{
"id": "BatchRequestItem",
"module_id": "Common",
"properties": {
"body": {
"type": "object"
},
"method": {
"description": "http method type",
"enum": [
"GET",
"POST",
"PUT",
"DELETE",
"PATCH"
],
"required": true,
"title": "method type(POST/PUT/DELETE/UPDATE)",
"type": "string"
},
"uri": {
"description": "relative uri (path and args), of the call including resource id (if this is a POST/DELETE), exclude hostname and port and prefix, exploded form of parameters",
"required": true,
"title": "Internal uri of the call",
"type": "string"
}
},
"title": "A single request within a batch of operations",
"type": "object"
}
BatchResponse (type)
{
"additionalProperties": false,
"id": "BatchResponse",
"module_id": "Common",
"properties": {
"has_errors": {
"description": "Indicates if any of the APIs failed",
"title": "errors indicator",
"type": "boolean"
},
"results": {
"items": {
"$ref": "BatchResponseItem
},
"required": true,
"title": "Bulk list results",
"type": "array"
},
"rolled_back": {
"description": "Optional flag indicating that all items were rolled back even if succeeded initially",
"title": "indicates if all items were rolled back.",
"type": "boolean"
}
},
"title": "The reponse to a batch operation",
"type": "object"
}
BatchResponseItem (type)
{
"id": "BatchResponseItem",
"module_id": "Common",
"properties": {
"body": {
"description": "object returned by api",
"required": false,
"title": "object returned by api",
"type": "object"
},
"code": {
"description": "http status code",
"required": true,
"title": "object returned by api",
"type": "integer"
},
"headers": {
"description": "The headers returned by the API call",
"title": "object returned by api",
"type": "object"
}
},
"title": "A single respose in a list of batched responses",
"type": "object"
}
BfdHealthMonitoringConfig (type)
{
"description": "Bfd Health Monitoring Options used specific to BFD Transport Zone profiles",
"id": "BfdHealthMonitoringConfig",
"module_id": "PolicyTransportZoneProfile",
"properties": {
"enabled": {
"required": true,
"title": "Whether the heartbeat is enabled. A PATCH or PUT request with \"enabled\" false (with no probe intervals) will set or reset the probe_interval to their default value.",
"type": "boolean"
},
"latency_enabled": {
"description": "The flag is to turn on/off latency. A PATCH or PUT request with \"latency_enabled\" true will enable NSX to send the networking latency data to thrid-party monitoring tools like vRNI.",
"required": false,
"title": "Whether the latency is enabled.",
"type": "boolean"
},
"probe_interval": {
"default": 1000,
"minimum": 300,
"required": false,
"title": "The time interval (in millisec) between probe packets for tunnels between transport nodes.",
"type": "integer"
}
},
"title": "Bfd Health Monitoring Options",
"type": "object"
}
BfdProfile (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "BfdProfile",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"interval": {
"default": 500,
"description": "Time interval between heartbeat packets in milliseconds.",
"maximum": 60000,
"minimum": 50,
"title": "Time interval between heartbeat packets in milliseconds",
"type": "int"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"multiple": {
"default": 3,
"description": "Declare dead multiple. Number of times heartbeat packet is missed before BFD declares the neighbor is down.",
"maximum": 16,
"minimum": 2,
"title": "Declare dead multiple",
"type": "int"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Bidirectional Forwarding Detection configuration for BGP peers",
"type": "object"
}
BfdProfileListResult (type)
{
"additionalProperties": false,
"description": "Paged Collection of BfdProfile.",
"extends": {
"$ref": "ListResult
},
"id": "BfdProfileListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Bfd Profile list results.",
"items": {
"$ref": "BfdProfile
},
"required": true,
"title": "Bfd Profile List Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of BfdProfile",
"type": "object"
}
BgpAddressFamily (type)
{
"additionalProperties": false,
"id": "BgpAddressFamily",
"module_id": "AggSvcLogicalRouter",
"properties": {
"in_prefix_count": {
"description": "Count of in prefixes",
"readonly": true,
"required": false,
"title": "Count of in prefixes",
"type": "integer"
},
"out_prefix_count": {
"description": "Count of out prefixes",
"readonly": true,
"required": false,
"title": "Count of out prefixes",
"type": "integer"
},
"type": {
"description": "BGP address family type",
"enum": [
"IPV4_UNICAST",
"VPNV4_UNICAST",
"IPV6_UNICAST",
"L2VPN_EVPN"
],
"readonly": true,
"required": true,
"title": "BGP address family type",
"type": "string"
}
},
"type": "object"
}
BgpBfdConfig (type)
{
"additionalProperties": false,
"id": "BgpBfdConfig",
"module_id": "PolicyConnectivity",
"properties": {
"enabled": {
"default": false,
"description": "Flag to enable BFD cofiguration.",
"title": "Flag to enable BFD cofiguration",
"type": "boolean"
},
"interval": {
"default": 500,
"description": "Time interval between heartbeat packets in milliseconds.",
"maximum": 60000,
"minimum": 50,
"title": "Time interval between heartbeat packets in milliseconds",
"type": "int"
},
"multiple": {
"default": 3,
"description": "Declare dead multiple. Number of times heartbeat packet is missed before BFD declares the neighbor is down.",
"maximum": 16,
"minimum": 2,
"title": "Declare dead multiple",
"type": "int"
}
},
"title": "BFD configuration for BGP peers",
"type": "object"
}
BgpGracefulRestartConfig (type)
{
"additionalProperties": false,
"description": "Configuration field to hold BGP restart mode and timer.",
"id": "BgpGracefulRestartConfig",
"module_id": "PolicyConnectivity",
"properties": {
"mode": {
"default": "HELPER_ONLY",
"description": "If mode is DISABLE, then graceful restart and helper modes are disabled. If mode is GR_AND_HELPER, then both graceful restart and helper modes are enabled. If mode is HELPER_ONLY, then helper mode is enabled. HELPER_ONLY mode is the ability for a BGP speaker to indicate its ability to preserve forwarding state during BGP restart. GRACEFUL_RESTART mode is the ability of a BGP speaker to advertise its restart to its peers.",
"enum": [
"DISABLE",
"GR_AND_HELPER",
"HELPER_ONLY"
],
"required": false,
"title": "BGP Graceful Restart Configuration Mode",
"type": "string"
},
"timer": {
"$ref": "BgpGracefulRestartTimer,
"description": "Configuration field to hold BGP restart timers.",
"title": "BGP Graceful Restart Timer"
}
},
"title": "BGP Graceful Restart Configuration",
"type": "object"
}
BgpGracefulRestartTimer (type)
{
"additionalProperties": false,
"description": "Configuration field to hold BGP restart timers",
"id": "BgpGracefulRestartTimer",
"module_id": "PolicyConnectivity",
"properties": {
"restart_timer": {
"default": 180,
"description": "Maximum time taken (in seconds) for a BGP session to be established after a restart. This can be used to speed up routing convergence by its peer in case the BGP speaker does not come back up after a restart. If the session is not re-established within this timer, the receiving speaker will delete all the stale routes from that peer.",
"maximum": 3600,
"minimum": 1,
"title": "BGP Graceful Restart Timer",
"type": "integer"
},
"stale_route_timer": {
"default": 600,
"description": "Maximum time (in seconds) before stale routes are removed from the RIB (Routing Information Base) when BGP restarts.",
"maximum": 3600,
"minimum": 1,
"title": "BGP Stale Route Timer",
"type": "integer"
}
},
"title": "BGP Graceful Restart Timers",
"type": "object"
}
BgpNeighborConfig (type)
{
"additionalProperties": false,
"description": "Contains information necessary to configure a BGP neighbor.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "BgpNeighborConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"allow_as_in": {
"default": false,
"required": false,
"title": "Flag to enable allowas_in option for BGP neighbor",
"type": "boolean"
},
"bfd": {
"$ref": "BgpBfdConfig,
"description": "BFD configuration for failure detection. BFD is enabled with default values when not configured.",
"title": "BFD configuration for failure detection"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"graceful_restart_mode": {
"description": "If mode is DISABLE, then graceful restart and helper modes are disabled. If mode is GR_AND_HELPER, then both graceful restart and helper modes are enabled. If mode is HELPER_ONLY, then helper mode is enabled. HELPER_ONLY mode is the ability for a BGP speaker to indicate its ability to preserve forwarding state during BGP restart. GRACEFUL_RESTART mode is the ability of a BGP speaker to advertise its restart to its peers.",
"enum": [
"DISABLE",
"GR_AND_HELPER",
"HELPER_ONLY"
],
"title": "BGP Graceful Restart Configuration Mode",
"type": "string"
},
"hold_down_time": {
"default": 180,
"description": "Wait time in seconds before declaring peer dead.",
"maximum": 65535,
"minimum": 1,
"title": "Wait time in seconds before declaring peer dead",
"type": "int"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"in_route_filters": {
"deprecated": true,
"description": "Specify path of prefix-list or route map to filter routes for IN direction. This property is deprecated, use route_filtering instead. Specifying different values for both properties will result in error.",
"items": {
"type": "string"
},
"maxItems": 1,
"required": false,
"title": "Prefix-list or route map path for IN direction",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"BgpNeighborConfig"
],
"relationshipType": "BGP_NEIGHBOR_PREFIX_LIST_RELATIONSHIP",
"rightType": [
"PrefixList"
]
},
{
"leftType": [
"BgpNeighborConfig"
],
"relationshipType": "BGP_NEIGHBOR_ROUTE_MAP_RELATIONSHIP",
"rightType": [
"Tier0RouteMap"
]
}
]
},
"keep_alive_time": {
"default": 60,
"description": "Interval (in seconds) between keep alive messages sent to peer.",
"maximum": 65535,
"minimum": 1,
"title": "Interval between keep alive messages sent to peer",
"type": "int"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"maximum_hop_limit": {
"default": 1,
"description": "Maximum number of hops allowed to reach BGP neighbor.",
"maximum": 255,
"minimum": 1,
"title": "Maximum number of hops allowed to reach BGP neighbor",
"type": "int"
},
"neighbor_address": {
"$ref": "IPAddress,
"required": true,
"title": "Neighbor IP Address"
},
"out_route_filters": {
"deprecated": true,
"description": "Specify path of prefix-list or route map to filter routes for OUT direction. When not specified, a built-in prefix-list named 'prefixlist-out-default' is automatically applied. This property is deprecated, use route_filtering instead. Specifying different values for both properties will result in error.",
"items": {
"type": "string"
},
"maxItems": 1,
"required": false,
"title": "Prefix-list or route map path for OUT direction",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"BgpNeighborConfig"
],
"relationshipType": "BGP_NEIGHBOR_PREFIX_LIST_RELATIONSHIP",
"rightType": [
"PrefixList"
]
},
{
"leftType": [
"BgpNeighborConfig"
],
"relationshipType": "BGP_NEIGHBOR_ROUTE_MAP_RELATIONSHIP",
"rightType": [
"Tier0RouteMap"
]
}
]
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"password": {
"description": "Specify password for BGP neighbor authentication. Empty string (\"\") clears existing password.",
"maxLength": 32,
"minLength": 0,
"sensitive": true,
"title": "Password",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_as_num": {
"required": true,
"title": "4 Byte ASN of the neighbor in ASPLAIN Format",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"route_filtering": {
"description": "Enable address families and route filtering in each direction.",
"items": {
"$ref": "BgpRouteFiltering
},
"maxItems": 2,
"required": false,
"title": "Enable address families and route filtering in each direction",
"type": "array"
},
"source_addresses": {
"description": "Source addresses should belong to Tier0 external or loopback or VTI interface IP Addresses . BGP peering is formed from all these addresses. This property is mandatory when maximum_hop_limit is greater than 1.",
"items": {
"$ref": "IPAddress
},
"maxItems": 8,
"required": false,
"title": "Source IP Addresses for BGP peering",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"BgpNeighborConfig"
],
"relationshipType": "BGP_NEIGHBOR_SOURCE_ADDRESS_TIER0_INTERFACE_RELATIONSHIP",
"rightType": [
"Tier0Interface"
]
}
]
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "BGP neighbor config",
"type": "object"
}
BgpNeighborConfigListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "BgpNeighborConfigListRequestParameters",
"module_id": "PolicyConnectivity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Routing Config list request parameters",
"type": "object"
}
BgpNeighborConfigListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "BgpNeighborConfigListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "BgpNeighborConfig
},
"required": true,
"title": "BGP neighbor configs list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of BGP Neighbor Configs",
"type": "object"
}
BgpNeighborRouteDetailsCsvRecord (type)
{
"additionalProperties": false,
"description": "BGP neighbor learned/advertised route details.",
"extends": {
"$ref": "CsvRecord
},
"id": "BgpNeighborRouteDetailsCsvRecord",
"module_id": "AggSvcLogicalRouter",
"properties": {
"as_path": {
"description": "BGP AS path attribute.",
"readonly": true,
"required": false,
"title": "AS path",
"type": "string"
},
"local_pref": {
"description": "BGP Local Preference attribute.",
"readonly": true,
"required": false,
"title": "Local preference",
"type": "integer"
},
"logical_router_id": {
"description": "Logical router id",
"readonly": true,
"required": true,
"title": "Logical router id",
"type": "string"
},
"med": {
"description": "BGP Multi Exit Discriminator attribute.",
"readonly": true,
"required": false,
"title": "Multi Exit Discriminator",
"type": "integer"
},
"neighbor_address": {
"$ref": "IPAddress,
"description": "BGP neighbor peer IP address.",
"readonly": true,
"required": true,
"title": "Neighbor IP address"
},
"neighbor_id": {
"description": "BGP neighbor id",
"readonly": true,
"required": true,
"title": "BGP neighbor id",
"type": "string"
},
"network": {
"$ref": "IPCIDRBlock,
"description": "CIDR network address.",
"readonly": true,
"required": true,
"title": "CIDR network address"
},
"next_hop": {
"$ref": "IPAddress,
"description": "Next hop IP address.",
"readonly": true,
"required": false,
"title": "Next hop IP address"
},
"source_address": {
"$ref": "IPAddress,
"description": "BGP neighbor source address.",
"readonly": true,
"required": false,
"title": "BGP neighbor source address"
},
"transport_node_id": {
"description": "Transport node id",
"readonly": true,
"required": true,
"title": "Transport node id",
"type": "string"
},
"weight": {
"description": "BGP Weight attribute.",
"readonly": true,
"required": false,
"title": "Weight",
"type": "integer"
}
},
"title": "BGP neighbor route details",
"type": "object"
}
BgpNeighborRouteDetailsInCsvFormat (type)
{
"extends": {
"$ref": "CsvListResult
},
"id": "BgpNeighborRouteDetailsInCsvFormat",
"module_id": "AggSvcLogicalRouter",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"results": {
"items": {
"$ref": "BgpNeighborRouteDetailsCsvRecord
},
"required": false,
"type": "array"
}
},
"type": "object"
}
BgpNeighborRoutes (type)
{
"additionalProperties": false,
"description": "BGP neighbor learned/advertised route details.",
"id": "BgpNeighborRoutes",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"edge_node_routes": {
"description": "Array of BGP neighbor route details per edge node.",
"items": {
"$ref": "RoutesPerTransportNode
},
"readonly": true,
"required": false,
"title": "Route details per transport node",
"type": "array"
},
"egde_node_routes": {
"deprecated": true,
"description": "Array of BGP neighbor route details per edge node.",
"items": {
"$ref": "RoutesPerTransportNode
},
"readonly": true,
"required": false,
"title": "Route details per transport node",
"type": "array"
},
"enforcement_point_path": {
"readonly": true,
"required": true,
"title": "Enforcement point policy path",
"type": "string"
},
"neighbor_path": {
"readonly": true,
"required": true,
"title": "BGP neighbor policy path",
"type": "string"
}
},
"title": "BGP neighbor route details",
"type": "object"
}
BgpNeighborRoutesListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "BgpNeighborRoutesListResult",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Paged Collection of Bgp neighbor routes.",
"items": {
"$ref": "BgpNeighborRoutes
},
"required": false,
"title": "Paged Collection of Bgp neighbor routes",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
BgpRouteFiltering (type)
{
"additionalProperties": false,
"id": "BgpRouteFiltering",
"module_id": "PolicyConnectivity",
"properties": {
"address_family": {
"description": "Address family type. If not configured, this property automatically derived for IPv4 & IPv6 peer configuration.",
"enum": [
"IPV4",
"IPV6",
"L2VPN_EVPN"
],
"title": "Address family type",
"type": "string"
},
"enabled": {
"default": true,
"description": "Flag to enable address family.",
"title": "Enable address family",
"type": "boolean"
},
"in_route_filters": {
"description": "Specify path of prefix-list or route map to filter routes for IN direction.",
"items": {
"type": "string"
},
"maxItems": 1,
"required": false,
"title": "Prefix-list or route map path for IN direction",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"BgpNeighborConfig"
],
"relationshipType": "BGP_NEIGHBOR_PREFIX_LIST_RELATIONSHIP",
"rightType": [
"PrefixList"
]
},
{
"leftType": [
"BgpNeighborConfig"
],
"relationshipType": "BGP_NEIGHBOR_ROUTE_MAP_RELATIONSHIP",
"rightType": [
"Tier0RouteMap"
]
}
]
},
"maximum_routes": {
"description": "Maximum number of routes for the address family.",
"maximum": 1000000,
"minimum": 1,
"required": false,
"title": "Maximum number of routes for the address family",
"type": "int"
},
"out_route_filters": {
"description": "Specify path of prefix-list or route map to filter routes for OUT direction. When not specified, a built-in prefix-list named 'prefixlist-out-default' is automatically applied.",
"items": {
"type": "string"
},
"maxItems": 1,
"required": false,
"title": "Prefix-list or route map path for OUT direction",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"BgpNeighborConfig"
],
"relationshipType": "BGP_NEIGHBOR_PREFIX_LIST_RELATIONSHIP",
"rightType": [
"PrefixList"
]
},
{
"leftType": [
"BgpNeighborConfig"
],
"relationshipType": "BGP_NEIGHBOR_ROUTE_MAP_RELATIONSHIP",
"rightType": [
"Tier0RouteMap"
]
}
]
}
},
"title": "Enable address_families and route filtering in each direction",
"type": "object"
}
BgpRoutesRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "BaseListRequestParameters
},
"id": "BgpRoutesRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"count": {
"default": 1000,
"description": "Number of routes to return in response. Not used when routes are requested in CSV format.",
"minimum": 1,
"title": "Number of routes to retrieve",
"type": "int"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "String Path of the enforcement point. When not specified, routes from all enforcement-points are returned. This property is required for retrieving routes in CSV format.",
"title": "Enforcement point path",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "BGP Routes request parameters",
"type": "object"
}
BgpRoutingConfig (type)
{
"additionalProperties": false,
"description": "Contains BGP routing configuration.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "BgpRoutingConfig",
"module_id": "PolicyConnectivity",
"policy_hierarchical_children": [
"ChildBgpNeighborConfig"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"ecmp": {
"description": "Flag to enable ECMP.",
"required": false,
"title": "Flag to enable ECMP",
"type": "boolean"
},
"enabled": {
"description": "Flag to enable BGP configuration. Disabling will stop feature and BGP peering.",
"required": false,
"title": "Flag to enable BGP configuration",
"type": "boolean"
},
"graceful_restart": {
"deprecated": true,
"description": "Flag to enable graceful restart. This field is deprecated, please use graceful_restart_config parameter for graceful restart configuration. If both parameters are set and consistent with each other (i.e. graceful_restart=false and graceful_restart_mode=HELPER_ONLY OR graceful_restart=true and graceful_restart_mode=GR_AND_HELPER) then this is allowed, but if inconsistent with each other then this is not allowed and validation error will be thrown.",
"required": false,
"title": "Flag to enable graceful restart",
"type": "boolean"
},
"graceful_restart_config": {
"$ref": "BgpGracefulRestartConfig,
"description": "Configuration field to hold BGP Restart mode and timer.",
"title": "BGP Graceful Restart Configuration"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"inter_sr_ibgp": {
"description": "Flag to enable inter SR IBGP configuration. When not specified, inter SR IBGP is automatically enabled if Tier-0 is created in ACTIVE_ACTIVE ha_mode.",
"required": false,
"title": "Enable inter SR IBGP configuration",
"type": "boolean"
},
"local_as_num": {
"description": "Specify BGP AS number for Tier-0 to advertize to BGP peers. AS number can be specified in ASPLAIN (e.g., \"65546\") or ASDOT (e.g., \"1.10\") format. Empty string disables BGP feature. It is required by normal tier0 but not required in vrf tier0.",
"required": false,
"title": "BGP AS number in ASPLAIN/ASDOT Format",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"multipath_relax": {
"description": "Flag to enable BGP multipath relax option.",
"required": false,
"title": "Flag to enable BGP multipath relax option",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"route_aggregations": {
"description": "List of routes to be aggregated.",
"items": {
"$ref": "RouteAggregationEntry
},
"maxItems": 1000,
"required": false,
"title": "List of routes to be aggregated",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "BGP routing config",
"type": "object"
}
BinaryPacketData (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PacketData
},
"id": "BinaryPacketData",
"module_id": "Traceflow",
"polymorphic-type-descriptor": {
"type-identifier": "BinaryPacketData"
},
"properties": {
"frame_size": {
"default": 128,
"description": "If the requested frame_size is too small (given the payload and traceflow metadata requirement of 16 bytes), the traceflow request will fail with an appropriate message. The frame will be zero padded to the requested size.",
"maximum": 1000,
"minimum": 60,
"required": false,
"title": "Requested total size of the (logical) packet in bytes",
"type": "integer"
},
"payload": {
"description": "Up to 1000 bytes of payload may be supplied (with a base64-encoded length of 1336 bytes.) Additional bytes of traceflow metadata will be appended to the payload. The payload must contain all headers (Ethernet, IP, etc). Note that VLAN is not supported in the logical space. Hence, payload must not contain 802.1Q headers.",
"maxLength": 1336,
"required": false,
"title": "RFC3548 compatible base64 encoded full payload",
"type": "string"
},
"resource_type": {
"default": "FieldsPacketData",
"enum": [
"BinaryPacketData",
"FieldsPacketData"
],
"required": true,
"title": "Packet configuration",
"type": "string"
},
"routed": {
"required": false,
"title": "A flag, when set true, indicates that the traceflow packet is of L3 routing.",
"type": "boolean"
},
"transport_type": {
"default": "UNICAST",
"description": "This type takes effect only for IP packet.",
"enum": [
"BROADCAST",
"UNICAST",
"MULTICAST",
"UNKNOWN"
],
"required": false,
"title": "transport type of the traceflow packet",
"type": "string"
}
},
"type": "object"
}
BingdingMapStackStatusListRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameters for port/group/segment binding map mirror stack status.",
"extends": {
"$ref": "ListRequestParameters
},
"id": "BingdingMapStackStatusListRequestParameters",
"module_id": "PolicyMonitoringProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "String path for the enforcement point.",
"required": false,
"title": "Binding map path enforcemnt point path to remote L3 mirror session",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Request parameters for binding map mirror stack status",
"type": "object"
}
BridgeEndpointStatistics (type)
{
"extends": {
"$ref": "AggregatedDataCounter
},
"id": "BridgeEndpointStatistics",
"module_id": "AggSvcBridging",
"properties": {
"endpoint_id": {
"readonly": true,
"required": true,
"title": "The id of the bridge endpoint",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"rx_bytes": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"rx_packets": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"tx_bytes": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"tx_packets": {
"$ref": "DataCounter,
"readonly": true,
"required": false
}
},
"type": "object"
}
BridgeEndpointStatus (type)
{
"id": "BridgeEndpointStatus",
"module_id": "AggSvcBridging",
"properties": {
"active_nodes": {
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "The Ids of the transport nodes which actively serve the endpoint.",
"type": "array"
},
"endpoint_id": {
"readonly": true,
"required": true,
"title": "The id of the bridge endpoint",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
}
},
"type": "object"
}
BridgeProfileConfig (type)
{
"additionalProperties": false,
"description": "configuration parameters for Bridge Profile",
"id": "BridgeProfileConfig",
"module_id": "PolicyConnectivity",
"properties": {
"bridge_profile_path": {
"description": "Same bridge profile can be configured on different segments. Each bridge profile on a segment must unique.",
"required": true,
"title": "Policy path to L2 Bridge profile",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Segment"
],
"relationshipType": "SEGMENT_BRIDGE_PROFILE_RELATIONSHIP",
"rightType": [
"L2BridgeEndpointProfile"
]
}
]
},
"uplink_teaming_policy_name": {
"description": "The name of the switching uplink teaming policy for the bridge endpoint. This name corresponds to one fot he switching uplink teaming policy names listed in teh transport zone. When this property is not specified, the teaming policy is assigned by MP.",
"title": "Uplink Teaming Policy Name",
"type": "string"
},
"vlan_ids": {
"description": "VLAN specification for bridge endpoint. Either VLAN ID or VLAN ranges can be specified. Not both.",
"items": {
"type": "string"
},
"title": "VLAN IDs",
"type": "array"
},
"vlan_transport_zone_path": {
"description": "VLAN transport zone should belong to the enforcment-point as the transport zone specified in the segment.",
"required": true,
"title": "Policy path to VLAN Transport Zone",
"type": "string"
}
},
"title": "Bridge Profile Configuration",
"type": "object"
}
BridgeProfileRequestParameters (type)
{
"additionalProperties": false,
"id": "BridgeProfileRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"bridge_profile_path": {
"description": "Policy path of Bridge profile using which a bridge end point was created.",
"required": true,
"title": "Bridge profile path",
"type": "string"
},
"enforcement_point_path": {
"description": "Enforcement point path.",
"title": "String Path of the enforcement point",
"type": "string"
}
},
"title": "Bridge profile request parameters",
"type": "object"
}
ByodPolicyServiceInstance (type)
{
"additionalProperties": false,
"description": "Represents an instance of partner's service whose wiring will be done by partner itself. As partner does all the wiring, we call it as Byod - Bring your own device.",
"extends": {
"$ref": "BasePolicyServiceInstance
},
"id": "ByodPolicyServiceInstance",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ByodPolicyServiceInstance"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"deployment_mode": {
"default": "ACTIVE_STANDBY",
"description": "Deployment mode specifies how the partner appliance will be deployed i.e. in HA or standalone mode.",
"enum": [
"STAND_ALONE",
"ACTIVE_STANDBY"
],
"readonly": false,
"required": false,
"title": "Deployment Mode",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"partner_service_name": {
"description": "Unique name of Partner Service in the Marketplace",
"required": true,
"title": "Name of Partner Service",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_type": {
"default": "L2_BRIDGE",
"description": "Transport to be used while deploying Service-VM.",
"enum": [
"L2_BRIDGE",
"L3_ROUTED"
],
"readonly": false,
"required": false,
"title": "Transport Type",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Represents instance of self wiring partner's service",
"type": "object"
}
CCPUpgradeStatus (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ComponentUpgradeStatus
},
"id": "CCPUpgradeStatus",
"module_id": "Upgrade",
"properties": {
"can_rollback": {
"description": "This field indicates whether we can perform upgrade rollback.",
"readonly": true,
"required": false,
"title": "Can perform rollback",
"type": "boolean"
},
"can_skip": {
"readonly": true,
"required": false,
"title": "Can the upgrade of the remaining units in this component be skipped",
"type": "boolean"
},
"component_type": {
"readonly": true,
"required": false,
"title": "Component type for the upgrade status",
"type": "string"
},
"current_version_node_summary": {
"$ref": "NodeSummaryList,
"readonly": true,
"required": false,
"title": "Mapping of current versions of nodes and counts of nodes at the respective versions."
},
"details": {
"readonly": true,
"required": false,
"title": "Details about the upgrade status",
"type": "string"
},
"node_count_at_target_version": {
"description": "Number of nodes of the type and at the component version",
"readonly": true,
"required": false,
"title": "Count of nodes at target component version",
"type": "int"
},
"percent_complete": {
"readonly": true,
"required": true,
"title": "Indicator of upgrade progress in percentage",
"type": "number"
},
"pre_upgrade_status": {
"$ref": "UpgradeChecksExecutionStatus,
"readonly": true,
"required": false,
"title": "Pre-upgrade status of the component-type"
},
"status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSING",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Upgrade status of component",
"type": "string"
},
"target_component_version": {
"readonly": true,
"required": false,
"title": "Target component version",
"type": "string"
}
},
"title": "Status of CCP upgrade",
"type": "object"
}
CaBundle (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "CaBundle",
"module_id": "PolicyCertificate",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"certificates": {
"description": "X509Certificates in the bundle",
"items": {
"$ref": "X509Certificate
},
"readonly": true,
"required": false,
"type": "array"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"earliest_not_after": {
"$ref": "EpochMsTimestamp,
"description": "The earliest time in epoch milliseconds at which a certificate becomes invalid.",
"readonly": true,
"required": false
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"not_after_list": {
"description": "Times for each certificate in the bundle at which the certificate becomes invalid.",
"items": {
"$ref": "EpochMsTimestamp
},
"readonly": true,
"required": false,
"type": "array"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pem_encoded": {
"description": "PEM-encoded CA bundle certificates.",
"readonly": false,
"required": true,
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "CA certificates bundle",
"type": "object"
}
CaBundleListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "CaBundleListResult",
"module_id": "PolicyCertificate",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "CA bundles list.",
"items": {
"$ref": "CaBundle
},
"required": true,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "CA Bundle query result",
"type": "object"
}
CdpStatusType (type)
{
"enum": [
"NOT_READY",
"FETCHING",
"READY",
"ERROR"
],
"id": "CdpStatusType",
"module_id": "CertificateManager",
"title": "Status types supported of the CrlDistributionPoint",
"type": "string"
}
CentralConfigProperties (type)
{
"id": "CentralConfigProperties",
"properties": {
"local_override": {
"required": true,
"title": "Override Central Config",
"type": "boolean"
}
},
"title": "Central Config properties",
"type": "object"
}
Certificate (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "Certificate",
"module_id": "CertificateManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"details": {
"description": "List of X509Certificates.",
"items": {
"$ref": "X509Certificate
},
"readonly": true,
"required": false,
"type": "array"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"has_private_key": {
"default": false,
"description": "Whether we have the private key for this certificate.",
"readonly": true,
"required": true,
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"pem_encoded": {
"description": "PEM encoded certificate data.",
"readonly": false,
"required": true,
"type": "string"
},
"purpose": {
"description": "Purpose of this certificate. Can be empty or set to \"signing-ca\".",
"enum": [
"signing-ca"
],
"readonly": false,
"required": false,
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"used_by": {
"description": "List of node IDs with services, that are using this certificate.",
"items": {
"$ref": "NodeIdServicesMap
},
"readonly": true,
"required": false,
"type": "array"
}
},
"type": "object"
}
CertificateCheckingStatus (type)
{
"additionalProperties": false,
"id": "CertificateCheckingStatus",
"module_id": "CertificateManager",
"properties": {
"error_message": {
"description": "Error message when checking the certificate.",
"readonly": true,
"required": false,
"title": "Error Message",
"type": "string"
},
"status": {
"$ref": "CertificateCheckingStatusType,
"description": "Status of the checked certificate.",
"readonly": true,
"required": true,
"title": "Status"
}
},
"title": "Result of checking a certificate",
"type": "object"
}
CertificateCheckingStatusType (type)
{
"enum": [
"OK",
"CRL_NOT_READY",
"REJECTED",
"ERROR"
],
"id": "CertificateCheckingStatusType",
"module_id": "CertificateManager",
"title": "Status types returned when checking a certificate",
"type": "string"
}
CertificateId (type)
{
"additionalProperties": false,
"id": "CertificateId",
"properties": {
"certificate_id": {
"readonly": true,
"required": true,
"title": "Certificate ID",
"type": "string"
}
},
"type": "object"
}
CertificateList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "CertificateList",
"module_id": "CertificateManager",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Certificate list.",
"items": {
"$ref": "Certificate
},
"readonly": true,
"required": true,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Certificate queries result",
"type": "object"
}
CertificateProfile (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "CertificateProfile",
"module_id": "CertificateManager",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cluster_certificate": {
"description": "True if this is for a cluster certificate",
"readonly": true,
"required": true,
"title": "Cluster Certificate",
"type": "boolean"
},
"extended_key_usage": {
"description": "Indicating whether this certificate is used for server-auth, client-auth or both.",
"items": {
"$ref": "CertificateUsageType
},
"readonly": true,
"required": true,
"title": "Extended Key Usage",
"type": "array"
},
"node_type": {
"description": "List of types of node this certificate applies to.",
"items": {
"$ref": "NodeType
},
"readonly": true,
"required": true,
"title": "Node Type",
"type": "array"
},
"profile_name": {
"readonly": true,
"required": true,
"title": "Certificate Profile Name",
"type": "string"
},
"service_type": {
"$ref": "ServiceType,
"readonly": true,
"required": true,
"title": "Unique Service Type"
},
"unique_use": {
"description": "True if the certificate used for this service-type cannot be used anywhere else.",
"readonly": true,
"required": true,
"title": "Unique Use",
"type": "boolean"
}
},
"type": "object"
}
CertificateProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "CertificateProfileListResult",
"module_id": "CertificateManager",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "CertificateProfile list.",
"items": {
"$ref": "CertificateProfile
},
"readonly": false,
"required": true,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "CertificateProfile query result",
"type": "object"
}
CertificateUsageType (type)
{
"enum": [
"SERVER",
"CLIENT"
],
"id": "CertificateUsageType",
"module_id": "CertificateManager",
"title": "Usage Type of the Certificate, SERVER or CLIENT. Default is SERVER",
"type": "string"
}
ChildALBAlertScriptConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBAlertScriptConfig, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBAlertScriptConfig",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBAlertScriptConfig"
},
"properties": {
"ALBAlertScriptConfig": {
"$ref": "ALBAlertScriptConfig,
"description": "Contains the actual ALBAlertScriptConfig object.",
"required": true,
"title": "ChildALBAlertScriptConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBAlertScriptConfig",
"type": "object"
}
ChildALBAnalyticsProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBAnalyticsProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBAnalyticsProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBAnalyticsProfile"
},
"properties": {
"ALBAnalyticsProfile": {
"$ref": "ALBAnalyticsProfile,
"description": "Contains the actual ALBAnalyticsProfile object.",
"required": true,
"title": "ChildALBAnalyticsProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBAnalyticsProfile",
"type": "object"
}
ChildALBApplicationPersistenceProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBApplicationPersistenceProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBApplicationPersistenceProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBApplicationPersistenceProfile"
},
"properties": {
"ALBApplicationPersistenceProfile": {
"$ref": "ALBApplicationPersistenceProfile,
"description": "Contains the actual ALBApplicationPersistenceProfile object.",
"required": true,
"title": "ChildALBApplicationPersistenceProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBApplicationPersistenceProfile",
"type": "object"
}
ChildALBApplicationProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBApplicationProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBApplicationProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBApplicationProfile"
},
"properties": {
"ALBApplicationProfile": {
"$ref": "ALBApplicationProfile,
"description": "Contains the actual ALBApplicationProfile object.",
"required": true,
"title": "ChildALBApplicationProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBApplicationProfile",
"type": "object"
}
ChildALBAuthProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBAuthProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBAuthProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBAuthProfile"
},
"properties": {
"ALBAuthProfile": {
"$ref": "ALBAuthProfile,
"description": "Contains the actual ALBAuthProfile object.",
"required": true,
"title": "ChildALBAuthProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBAuthProfile",
"type": "object"
}
ChildALBAutoScaleLaunchConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBAutoScaleLaunchConfig, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBAutoScaleLaunchConfig",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBAutoScaleLaunchConfig"
},
"properties": {
"ALBAutoScaleLaunchConfig": {
"$ref": "ALBAutoScaleLaunchConfig,
"description": "Contains the actual ALBAutoScaleLaunchConfig object.",
"required": true,
"title": "ChildALBAutoScaleLaunchConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBAutoScaleLaunchConfig",
"type": "object"
}
ChildALBCertificateManagementProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBCertificateManagementProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBCertificateManagementProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBCertificateManagementProfile"
},
"properties": {
"ALBCertificateManagementProfile": {
"$ref": "ALBCertificateManagementProfile,
"description": "Contains the actual ALBCertificateManagementProfile object.",
"required": true,
"title": "ChildALBCertificateManagementProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBCertificateManagementProfile",
"type": "object"
}
ChildALBDnsPolicy (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBDnsPolicy, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBDnsPolicy",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBDnsPolicy"
},
"properties": {
"ALBDnsPolicy": {
"$ref": "ALBDnsPolicy,
"description": "Contains the actual ALBDnsPolicy object.",
"required": true,
"title": "ChildALBDnsPolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBDnsPolicy",
"type": "object"
}
ChildALBErrorPageBody (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBErrorPageBody, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBErrorPageBody",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBErrorPageBody"
},
"properties": {
"ALBErrorPageBody": {
"$ref": "ALBErrorPageBody,
"description": "Contains the actual ALBErrorPageBody object.",
"required": true,
"title": "ChildALBErrorPageBody"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBErrorPageBody",
"type": "object"
}
ChildALBErrorPageProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBErrorPageProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBErrorPageProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBErrorPageProfile"
},
"properties": {
"ALBErrorPageProfile": {
"$ref": "ALBErrorPageProfile,
"description": "Contains the actual ALBErrorPageProfile object.",
"required": true,
"title": "ChildALBErrorPageProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBErrorPageProfile",
"type": "object"
}
ChildALBHTTPPolicySet (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBHTTPPolicySet, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBHTTPPolicySet",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBHTTPPolicySet"
},
"properties": {
"ALBHTTPPolicySet": {
"$ref": "ALBHTTPPolicySet,
"description": "Contains the actual ALBHTTPPolicySet object.",
"required": true,
"title": "ChildALBHTTPPolicySet"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBHTTPPolicySet",
"type": "object"
}
ChildALBHardwareSecurityModuleGroup (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBHardwareSecurityModuleGroup, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBHardwareSecurityModuleGroup",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBHardwareSecurityModuleGroup"
},
"properties": {
"ALBHardwareSecurityModuleGroup": {
"$ref": "ALBHardwareSecurityModuleGroup,
"description": "Contains the actual ALBHardwareSecurityModuleGroup object.",
"required": true,
"title": "ChildALBHardwareSecurityModuleGroup"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBHardwareSecurityModuleGroup",
"type": "object"
}
ChildALBHealthMonitor (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBHealthMonitor, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBHealthMonitor",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBHealthMonitor"
},
"properties": {
"ALBHealthMonitor": {
"$ref": "ALBHealthMonitor,
"description": "Contains the actual ALBHealthMonitor object.",
"required": true,
"title": "ChildALBHealthMonitor"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBHealthMonitor",
"type": "object"
}
ChildALBIpAddrGroup (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBIpAddrGroup, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBIpAddrGroup",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBIpAddrGroup"
},
"properties": {
"ALBIpAddrGroup": {
"$ref": "ALBIpAddrGroup,
"description": "Contains the actual ALBIpAddrGroup object.",
"required": true,
"title": "ChildALBIpAddrGroup"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBIpAddrGroup",
"type": "object"
}
ChildALBL4PolicySet (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBL4PolicySet, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBL4PolicySet",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBL4PolicySet"
},
"properties": {
"ALBL4PolicySet": {
"$ref": "ALBL4PolicySet,
"description": "Contains the actual ALBL4PolicySet object.",
"required": true,
"title": "ChildALBL4PolicySet"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBL4PolicySet",
"type": "object"
}
ChildALBNetworkProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBNetworkProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBNetworkProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBNetworkProfile"
},
"properties": {
"ALBNetworkProfile": {
"$ref": "ALBNetworkProfile,
"description": "Contains the actual ALBNetworkProfile object.",
"required": true,
"title": "ChildALBNetworkProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBNetworkProfile",
"type": "object"
}
ChildALBNetworkSecurityPolicy (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBNetworkSecurityPolicy, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBNetworkSecurityPolicy",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBNetworkSecurityPolicy"
},
"properties": {
"ALBNetworkSecurityPolicy": {
"$ref": "ALBNetworkSecurityPolicy,
"description": "Contains the actual ALBNetworkSecurityPolicy object.",
"required": true,
"title": "ChildALBNetworkSecurityPolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBNetworkSecurityPolicy",
"type": "object"
}
ChildALBPKIProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBPKIProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBPKIProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBPKIProfile"
},
"properties": {
"ALBPKIProfile": {
"$ref": "ALBPKIProfile,
"description": "Contains the actual ALBPKIProfile object.",
"required": true,
"title": "ChildALBPKIProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBPKIProfile",
"type": "object"
}
ChildALBPool (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBPool, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBPool",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBPool"
},
"properties": {
"ALBPool": {
"$ref": "ALBPool,
"description": "Contains the actual ALBPool object.",
"required": true,
"title": "ChildALBPool"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBPool",
"type": "object"
}
ChildALBPoolGroup (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBPoolGroup, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBPoolGroup",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBPoolGroup"
},
"properties": {
"ALBPoolGroup": {
"$ref": "ALBPoolGroup,
"description": "Contains the actual ALBPoolGroup object.",
"required": true,
"title": "ChildALBPoolGroup"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBPoolGroup",
"type": "object"
}
ChildALBPoolGroupDeploymentPolicy (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBPoolGroupDeploymentPolicy, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBPoolGroupDeploymentPolicy",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBPoolGroupDeploymentPolicy"
},
"properties": {
"ALBPoolGroupDeploymentPolicy": {
"$ref": "ALBPoolGroupDeploymentPolicy,
"description": "Contains the actual ALBPoolGroupDeploymentPolicy object.",
"required": true,
"title": "ChildALBPoolGroupDeploymentPolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBPoolGroupDeploymentPolicy",
"type": "object"
}
ChildALBPriorityLabels (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBPriorityLabels, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBPriorityLabels",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBPriorityLabels"
},
"properties": {
"ALBPriorityLabels": {
"$ref": "ALBPriorityLabels,
"description": "Contains the actual ALBPriorityLabels object.",
"required": true,
"title": "ChildALBPriorityLabels"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBPriorityLabels",
"type": "object"
}
ChildALBProtocolParser (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBProtocolParser, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBProtocolParser",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBProtocolParser"
},
"properties": {
"ALBProtocolParser": {
"$ref": "ALBProtocolParser,
"description": "Contains the actual ALBProtocolParser object.",
"required": true,
"title": "ChildALBProtocolParser"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBProtocolParser",
"type": "object"
}
ChildALBSSLKeyAndCertificate (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBSSLKeyAndCertificate, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBSSLKeyAndCertificate",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBSSLKeyAndCertificate"
},
"properties": {
"ALBSSLKeyAndCertificate": {
"$ref": "ALBSSLKeyAndCertificate,
"description": "Contains the actual ALBSSLKeyAndCertificate object.",
"required": true,
"title": "ChildALBSSLKeyAndCertificate"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBSSLKeyAndCertificate",
"type": "object"
}
ChildALBSSLProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBSSLProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBSSLProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBSSLProfile"
},
"properties": {
"ALBSSLProfile": {
"$ref": "ALBSSLProfile,
"description": "Contains the actual ALBSSLProfile object.",
"required": true,
"title": "ChildALBSSLProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBSSLProfile",
"type": "object"
}
ChildALBSSOPolicy (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBSSOPolicy, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBSSOPolicy",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBSSOPolicy"
},
"properties": {
"ALBSSOPolicy": {
"$ref": "ALBSSOPolicy,
"description": "Contains the actual ALBSSOPolicy object.",
"required": true,
"title": "ChildALBSSOPolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBSSOPolicy",
"type": "object"
}
ChildALBSecurityPolicy (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBSecurityPolicy, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBSecurityPolicy",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBSecurityPolicy"
},
"properties": {
"ALBSecurityPolicy": {
"$ref": "ALBSecurityPolicy,
"description": "Contains the actual ALBSecurityPolicy object.",
"required": true,
"title": "ChildALBSecurityPolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBSecurityPolicy",
"type": "object"
}
ChildALBServerAutoScalePolicy (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBServerAutoScalePolicy, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBServerAutoScalePolicy",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBServerAutoScalePolicy"
},
"properties": {
"ALBServerAutoScalePolicy": {
"$ref": "ALBServerAutoScalePolicy,
"description": "Contains the actual ALBServerAutoScalePolicy object.",
"required": true,
"title": "ChildALBServerAutoScalePolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBServerAutoScalePolicy",
"type": "object"
}
ChildALBStringGroup (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBStringGroup, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBStringGroup",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBStringGroup"
},
"properties": {
"ALBStringGroup": {
"$ref": "ALBStringGroup,
"description": "Contains the actual ALBStringGroup object.",
"required": true,
"title": "ChildALBStringGroup"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBStringGroup",
"type": "object"
}
ChildALBTrafficCloneProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBTrafficCloneProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBTrafficCloneProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBTrafficCloneProfile"
},
"properties": {
"ALBTrafficCloneProfile": {
"$ref": "ALBTrafficCloneProfile,
"description": "Contains the actual ALBTrafficCloneProfile object.",
"required": true,
"title": "ChildALBTrafficCloneProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBTrafficCloneProfile",
"type": "object"
}
ChildALBVSDataScriptSet (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBVSDataScriptSet, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBVSDataScriptSet",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBVSDataScriptSet"
},
"properties": {
"ALBVSDataScriptSet": {
"$ref": "ALBVSDataScriptSet,
"description": "Contains the actual ALBVSDataScriptSet object.",
"required": true,
"title": "ChildALBVSDataScriptSet"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBVSDataScriptSet",
"type": "object"
}
ChildALBVirtualService (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBVirtualService, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBVirtualService",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBVirtualService"
},
"properties": {
"ALBVirtualService": {
"$ref": "ALBVirtualService,
"description": "Contains the actual ALBVirtualService object.",
"required": true,
"title": "ChildALBVirtualService"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBVirtualService",
"type": "object"
}
ChildALBVsVip (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBVsVip, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBVsVip",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBVsVip"
},
"properties": {
"ALBVsVip": {
"$ref": "ALBVsVip,
"description": "Contains the actual ALBVsVip object.",
"required": true,
"title": "ChildALBVsVip"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBVsVip",
"type": "object"
}
ChildALBWafCRS (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBWafCRS, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBWafCRS",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBWafCRS"
},
"properties": {
"ALBWafCRS": {
"$ref": "ALBWafCRS,
"description": "Contains the actual ALBWafCRS object.",
"required": true,
"title": "ChildALBWafCRS"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBWafCRS",
"type": "object"
}
ChildALBWafPolicy (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBWafPolicy, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBWafPolicy",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBWafPolicy"
},
"properties": {
"ALBWafPolicy": {
"$ref": "ALBWafPolicy,
"description": "Contains the actual ALBWafPolicy object.",
"required": true,
"title": "ChildALBWafPolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBWafPolicy",
"type": "object"
}
ChildALBWafPolicyPSMGroup (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBWafPolicyPSMGroup, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBWafPolicyPSMGroup",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBWafPolicyPSMGroup"
},
"properties": {
"ALBWafPolicyPSMGroup": {
"$ref": "ALBWafPolicyPSMGroup,
"description": "Contains the actual ALBWafPolicyPSMGroup object.",
"required": true,
"title": "ChildALBWafPolicyPSMGroup"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBWafPolicyPSMGroup",
"type": "object"
}
ChildALBWafProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBWafProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBWafProfile",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBWafProfile"
},
"properties": {
"ALBWafProfile": {
"$ref": "ALBWafProfile,
"description": "Contains the actual ALBWafProfile object.",
"required": true,
"title": "ChildALBWafProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBWafProfile",
"type": "object"
}
ChildALBWebhook (type)
{
"additionalProperties": false,
"description": "Child wrapper for ALBWebhook, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildALBWebhook",
"module_id": "PolicyAdvancedLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildALBWebhook"
},
"properties": {
"ALBWebhook": {
"$ref": "ALBWebhook,
"description": "Contains the actual ALBWebhook object.",
"required": true,
"title": "ChildALBWebhook"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ChildALBWebhook",
"type": "object"
}
ChildAntreaTraceflowConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper for AntreaTraceflowConfig, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildAntreaTraceflowConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildAntreaTraceflowConfig"
},
"properties": {
"TraceflowConfig": {
"$ref": "AntreaTraceflowConfig,
"description": "Contains the actual AntreaTraceflowConfig object.",
"required": true,
"title": "AntreaTraceflowConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for AnteaTraceflowConfig",
"type": "object"
}
ChildBfdProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper for BfdProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildBfdProfile",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildBfdProfile"
},
"properties": {
"BfdProfile": {
"$ref": "BfdProfile,
"description": "Contains the actual BfdProfile object.",
"required": true,
"title": "Bfd Profile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for BfdProfile",
"type": "object"
}
ChildBgpNeighborConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for BgpNeighborConfig, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildBgpNeighborConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildBgpNeighborConfig"
},
"properties": {
"BgpNeighborConfig": {
"$ref": "BgpNeighborConfig,
"description": "Contains the actual BgpNeighborConfig object.",
"required": true,
"title": "BgpNeighborConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for BgpNeighborConfig",
"type": "object"
}
ChildBgpRoutingConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for BgpRoutingConfig, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildBgpRoutingConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildBgpRoutingConfig"
},
"properties": {
"BgpRoutingConfig": {
"$ref": "BgpRoutingConfig,
"description": "Contains the actual BgpRoutingConfig object.",
"required": true,
"title": "BgpRoutingConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for BgpRoutingConfig",
"type": "object"
}
ChildByodPolicyServiceInstance (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ByodPolicyServiceInstance used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildByodPolicyServiceInstance",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ChildByodPolicyServiceInstance"
},
"properties": {
"ByodPolicyServiceInstance": {
"$ref": "ByodPolicyServiceInstance,
"description": "Contains actual ByodPolicyServiceInstance.",
"required": true,
"title": "ByodPolicyServiceInstance"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ByodPolicyServiceInstance",
"type": "object"
}
ChildCaBundle (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildCaBundle",
"module_id": "PolicyCertificate",
"polymorphic-type-descriptor": {
"type-identifier": "ChildCaBundle"
},
"properties": {
"CaBundle": {
"$ref": "CaBundle,
"description": "Contains the actual CaBundle object.",
"required": true,
"title": "CaBundle"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Child wrapper for CA certificates bundle, used in hierarchical API.",
"type": "object"
}
ChildCommunicationEntry (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Child wrapper object for CommunicationEntry, used in hierarchical API This type is deprecated. Use the type ChildRule instead.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildCommunicationEntry",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildCommunicationEntry"
},
"properties": {
"CommunicationEntry": {
"$ref": "CommunicationEntry,
"description": "Contains the actual CommunicationEntry object.",
"required": true,
"title": "CommunicationEntry"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for CommunicationEntry",
"type": "object"
}
ChildCommunicationMap (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Child wrapper object for CommunicationMap, used in hierarchical API This type is deprecated. Use the type ChildSecurityPolicy instead.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildCommunicationMap",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildCommunicationMap"
},
"properties": {
"CommunicationMap": {
"$ref": "CommunicationMap,
"description": "Contains the actual CommunicationMap object.",
"required": true,
"title": "CommunicationMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for CommunicationMap",
"type": "object"
}
ChildCommunityList (type)
{
"additionalProperties": false,
"description": "Child wrapper object for CommunityList, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildCommunityList",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildCommunityList"
},
"properties": {
"CommunityList": {
"$ref": "CommunityList,
"description": "Contains the actual CommunityList object",
"required": true,
"title": "CommunityList"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for CommunityList",
"type": "object"
}
ChildComputeClusterIdfwConfiguration (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildComputeClusterIdfwConfiguration",
"module_id": "PolicyFirewallConfiguration",
"polymorphic-type-descriptor": {
"type-identifier": "ChildComputeClusterIdfwConfiguration"
},
"properties": {
"ComputeClusterIdfwConfiguration": {
"$ref": "ComputeClusterIdfwConfiguration,
"description": "Contains the actual compute cluster idfw configuration object.",
"required": true,
"title": "ComputeClusterIdfwConfiguration"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ComputeClusterIdfwConfiguration",
"type": "object"
}
ChildConstraint (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Constraint, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildConstraint",
"module_id": "PolicyConstraints",
"polymorphic-type-descriptor": {
"type-identifier": "ChildConstraint"
},
"properties": {
"Constraint": {
"$ref": "Constraint,
"description": "Contains the actual Constraint object",
"required": true,
"title": "Constraint"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Constraint",
"type": "object"
}
ChildDeploymentZone (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Child wrapper object for DeploymentZone, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildDeploymentZone",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "ChildDeploymentZone"
},
"properties": {
"DeploymentZone": {
"$ref": "DeploymentZone,
"description": "Contains the actual DeploymentZone object",
"required": true,
"title": "DeploymentZone"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for DeploymentZone",
"type": "object"
}
ChildDfwFirewallConfiguration (type)
{
"additionalProperties": false,
"experimental": true,
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildDfwFirewallConfiguration",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildDfwFirewallConfiguration"
},
"properties": {
"DfwFirewallConfiguration": {
"$ref": "DfwFirewallConfiguration,
"description": "Contains the actual dfw firewall configuration list object.",
"required": true,
"title": "Dfw Firewall Configuration"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for FirewallConfiguration",
"type": "object"
}
ChildDhcpRelayConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for DhcpRelayConfig, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildDhcpRelayConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildDhcpRelayConfig"
},
"properties": {
"DhcpRelayConfig": {
"$ref": "DhcpRelayConfig,
"description": "Contains the actual DhcpRelayConfig object",
"required": true,
"title": "DhcpRelayConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for DhcpRelayConfig",
"type": "object"
}
ChildDhcpServerConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for DhcpServerConfig, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildDhcpServerConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildDhcpServerConfig"
},
"properties": {
"DhcpServerConfig": {
"$ref": "DhcpServerConfig,
"description": "Contains the actual DhcpServerConfig object",
"required": true,
"title": "DhcpServerConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for DhcpServerConfig",
"type": "object"
}
ChildDhcpStaticBindingConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper for DhcpStaticBindingConfig, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildDhcpStaticBindingConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildDhcpStaticBindingConfig"
},
"properties": {
"DhcpStaticBindingConfig": {
"$ref": "DhcpStaticBindingConfig,
"description": "Contains the actual DhcpStaticBindingConfig object.",
"required": true,
"title": "DhcpStaticBindingConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for DhcpStaticBindingConfig",
"type": "object"
}
ChildDnsSecurityProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for DnsSecurityProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildDnsSecurityProfile",
"module_id": "PolicyProfile",
"properties": {
"DnsSecurityProfile": {
"$ref": "DnsSecurityProfile,
"description": "Contains the actual DnsSecurityProfile object",
"required": true,
"title": "DnsSecurityProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for DnsSecurityProfile",
"type": "object"
}
ChildDnsSecurityProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper obejct for DnsSecurityProfileBindingMap used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildDnsSecurityProfileBindingMap",
"module_id": "PolicyFirewallDnsSecurityProfileBinding",
"properties": {
"DnsSecurityProfileBindingMap": {
"$ref": "DnsSecurityProfileBindingMap,
"description": "Contains the actual DnsSecurityProfileBindingMap object",
"required": true,
"title": "DnsSecurityProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for DnsSecurityProfileBindingMap",
"type": "object"
}
ChildDomain (type)
{
"additionalProperties": false,
"description": "Child wrapper object for domain, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildDomain",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildDomain"
},
"properties": {
"Domain": {
"$ref": "Domain,
"description": "Contains the actual domain object.",
"required": true,
"title": "Domain"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Domain",
"type": "object"
}
ChildDomainDeploymentMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for DomainDeploymentMap, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildDomainDeploymentMap",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "ChildDomainDeploymentMap"
},
"properties": {
"DomainDeploymentMap": {
"$ref": "DomainDeploymentMap,
"description": "Contains the actual DomainDeploymentMap object.",
"required": true,
"title": "DomainDeploymentMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for DomainDeploymentMap",
"type": "object"
}
ChildEndpointPolicy (type)
{
"additionalProperties": false,
"description": "Child wrapper object for EndpointPolicy used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildEndpointPolicy",
"module_id": "PolicyGuestIntrospection",
"polymorphic-type-descriptor": {
"type-identifier": "ChildEndpointPolicy"
},
"properties": {
"EndpointPolicy": {
"$ref": "EndpointPolicy,
"description": "Contains actual EndpointPolicy.",
"required": true,
"title": "EndpointPolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Endpoint Policy",
"type": "object"
}
ChildEndpointRule (type)
{
"additionalProperties": false,
"description": "Child wrapper object for EndpointRule used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildEndpointRule",
"module_id": "PolicyGuestIntrospection",
"polymorphic-type-descriptor": {
"type-identifier": "ChildEndpointRule"
},
"properties": {
"EndpointRule": {
"$ref": "EndpointRule,
"description": "Contains actual EndpointRule.",
"required": true,
"title": "EndpointRule"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Endpoint Rule",
"type": "object"
}
ChildEnforcementPoint (type)
{
"additionalProperties": false,
"description": "Child wrapper object for EnforcementPoint, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildEnforcementPoint",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "ChildEnforcementPoint"
},
"properties": {
"EnforcementPoint": {
"$ref": "EnforcementPoint,
"description": "Contains the actual Enforcement point object.",
"required": true,
"title": "EnforcementPoint"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for EnforcementPoint",
"type": "object"
}
ChildEvpnConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for EvpnConfig, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildEvpnConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildEvpnConfig"
},
"properties": {
"EvpnConfig": {
"$ref": "EvpnConfig,
"description": "Contains the actual EvpnConfig object.",
"required": true,
"title": "EvpnConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for EvpnConfig",
"type": "object"
}
ChildEvpnTunnelEndpointConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for EvpnTunnelEndpointConfig, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildEvpnTunnelEndpointConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildEvpnTunnelEndpointConfig"
},
"properties": {
"EvpnTunnelEndpointConfig": {
"$ref": "EvpnTunnelEndpointConfig,
"description": "Contains the actual EvpnTunnelEndpointConfig object.",
"required": true,
"title": "EvpnTunnelEndpointConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for EvpnTunnelEndpointConfig",
"type": "object"
}
ChildFloodProtectionProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for FloodProtectionProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildFloodProtectionProfile",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildFloodProtectionProfile"
},
"properties": {
"FloodProtectionProfile": {
"$ref": "FloodProtectionProfile,
"description": "Contains the actual FloodProtectionProfile object",
"required": true,
"title": "FloodProtectionProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for FloodProtectionProfile",
"type": "object"
}
ChildFloodProtectionProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for FloodProtectionProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildFloodProtectionProfileBindingMap",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildFloodProtectionProfileBindingMap"
},
"properties": {
"FloodProtectionProfileBindingMap": {
"$ref": "FloodProtectionProfileBindingMap,
"description": "Contains the actual FloodProtectionProfileBindingMap object",
"required": true,
"title": "FloodProtectionProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for FloodProtectionProfileBindingMap",
"type": "object"
}
ChildForwardingPolicy (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ForwardingPolicy used in Hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildForwardingPolicy",
"module_id": "PolicyForwarding",
"polymorphic-type-descriptor": {
"type-identifier": "ChildForwardingPolicy"
},
"properties": {
"ForwardingPolicy": {
"$ref": "ForwardingPolicy,
"description": "Contains actual ForwardingPolicy.",
"required": true,
"title": "ForwardingPolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for children of type ForwardingPolicy\n",
"type": "object"
}
ChildForwardingRule (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ForwardingRule used in Hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildForwardingRule",
"module_id": "PolicyForwarding",
"polymorphic-type-descriptor": {
"type-identifier": "ChildForwardingRule"
},
"properties": {
"ForwardingRule": {
"$ref": "ForwardingRule,
"description": "Contains actual ForwardingRule.",
"required": true,
"title": "ForwardingRule"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ForwardingRule\n",
"type": "object"
}
ChildFqdnAnalysisConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for FqdnAnalysisConfig, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildFqdnAnalysisConfig",
"module_id": "PolicyUrlCategorization",
"polymorphic-type-descriptor": {
"type-identifier": "ChildFqdnAnalysisConfig"
},
"properties": {
"FqdnAnalysisConfig": {
"$ref": "FqdnAnalysisConfig,
"description": "Contains the actual FqdnAnalysisConfig object",
"required": true,
"title": "FQDN Analysis Config"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for FqdnAnalysisConfig",
"type": "object"
}
ChildGatewayPolicy (type)
{
"additionalProperties": false,
"description": "Child wrapper object for GatewayPolicy, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildGatewayPolicy",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildGatewayPolicy"
},
"properties": {
"GatewayPolicy": {
"$ref": "GatewayPolicy,
"description": "Contains the actual GatewayPolicy object",
"required": true,
"title": "GatewayPolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for GatewayPolicy",
"type": "object"
}
ChildGatewayQosProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper for GatewayQosProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildGatewayQosProfile",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildGatewayQosProfile"
},
"properties": {
"QosProfile": {
"$ref": "GatewayQosProfile,
"description": "Contains the actual GatewayQosProfile object.",
"required": true,
"title": "GatewayQosProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for GatewayQosProfile",
"type": "object"
}
ChildGeneralSecurityProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for GeneralSecurityProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildGeneralSecurityProfile",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildGeneralSecurityProfile"
},
"properties": {
"GeneralSecurityProfile": {
"$ref": "GeneralSecurityProfile,
"description": "Contains the actual GeneralSecurityProfile object",
"required": true,
"title": "GeneralSecurityProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for GeneralSecurityProfile",
"type": "object"
}
ChildGeneralSecurityProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for GeneralSecurityProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildGeneralSecurityProfileBindingMap",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildGeneralSecurityProfileBindingMap"
},
"properties": {
"GeneralSecurityProfileBindingMap": {
"$ref": "GeneralSecurityProfileBindingMap,
"description": "Contains the actual GeneralSecurityProfileBindingMap object",
"required": true,
"title": "GeneralSecurityProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for GeneralSecurityProfileBindingMap",
"type": "object"
}
ChildGlobalConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for GlobalConfig, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildGlobalConfig",
"module_id": "Policy",
"properties": {
"GlobalConfig": {
"$ref": "GlobalConfig,
"description": "Contains the actual GlobalConfig object.",
"required": true,
"title": "GlobalConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for GlobalConfig",
"type": "object"
}
ChildGlobalIdsSignature (type)
{
"additionalProperties": false,
"description": "Child wrapper object for GlobalIdsSignature, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildGlobalIdsSignature",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildGlobalIdsSignature"
},
"properties": {
"GlobalIdsSignature": {
"$ref": "GlobalIdsSignature,
"description": "Contains the GlobalIdsSignature object",
"required": true,
"title": "GlobalIdsSignature"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for GlobalIdsSignature",
"type": "object"
}
ChildGlobalManager (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Global Manager, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildGlobalManager",
"module_id": "PolicySiteGM",
"polymorphic-type-descriptor": {
"type-identifier": "ChildGlobalManager"
},
"properties": {
"GlobalManager": {
"$ref": "GlobalManager,
"description": "Contains the actual Global Manager object.",
"required": true,
"title": "GlobalManager"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Global Manager",
"type": "object"
}
ChildGroup (type)
{
"additionalProperties": false,
"description": "Child wrapper object for group, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildGroup",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildGroup"
},
"properties": {
"Group": {
"$ref": "Group,
"description": "Contains the actual group objects.",
"required": true,
"title": "Group"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Group",
"type": "object"
}
ChildGroupDiscoveryProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper obejct for GroupDiscoveryProfileBindingMap used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildGroupDiscoveryProfileBindingMap",
"module_id": "PolicyDiscoveryProfileBinding",
"properties": {
"GroupDiscoveryProfileBindingMap": {
"$ref": "GroupDiscoveryProfileBindingMap,
"description": "Contains the actual GroupDiscoveryProfileBindingMap object",
"required": true,
"title": "GroupDiscoveryProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for GroupDiscoveryProfileBindingMap",
"type": "object"
}
ChildGroupMonitoringProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for GroupMonitoringProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildGroupMonitoringProfileBindingMap",
"module_id": "PolicyMonitoringProfileBinding",
"polymorphic-type-descriptor": {
"type-identifier": "ChildGroupMonitoringProfileBindingMap"
},
"properties": {
"GroupMonitoringProfileBindingMap": {
"$ref": "GroupMonitoringProfileBindingMap,
"description": "Contains the actual GroupMonitoringProfileBindingMap object",
"required": true,
"title": "GroupMonitoringProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for GroupMonitoringProfileBindingMap",
"type": "object"
}
ChildIPDiscoveryProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IPDiscoveryProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIPDiscoveryProfile",
"module_id": "PolicyIpDiscovery",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPDiscoveryProfile"
},
"properties": {
"IPDiscoveryProfile": {
"$ref": "IPDiscoveryProfile,
"description": "Contains the actual IPDiscoveryProfile object",
"required": true,
"title": "IPDiscoveryProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IPDiscoveryProfile",
"type": "object"
}
ChildIPFIXDFWCollectorProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IPFIXDFWCollectorProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIPFIXDFWCollectorProfile",
"module_id": "PolicyIPFIXDFW",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPFIXDFWCollectorProfile"
},
"properties": {
"IPFIXDFWCollectorProfile": {
"$ref": "IPFIXDFWCollectorProfile,
"description": "Contains the actual IPFIXDFWCollectorProfile object",
"required": true,
"title": "IPFIXDFWCollectorProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IPFIXDFWCollectorProfile",
"type": "object"
}
ChildIPFIXDFWProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IPFIXDFWProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIPFIXDFWProfile",
"module_id": "PolicyIPFIXDFW",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPFIXDFWProfile"
},
"properties": {
"IPFIXDFWProfile": {
"$ref": "IPFIXDFWProfile,
"description": "Contains the actual IPFIXDFWProfile object",
"required": true,
"title": "IPFIXDFWProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IPFIXDFWProfile",
"type": "object"
}
ChildIPFIXL2CollectorProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IPFIXL2CollectorProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIPFIXL2CollectorProfile",
"module_id": "PolicyIPFIXSwitch",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPFIXL2CollectorProfile"
},
"properties": {
"IPFIXL2CollectorProfile": {
"$ref": "IPFIXL2CollectorProfile,
"description": "Contains the actual IPFIXL2CollectorProfile object",
"required": true,
"title": "IPFIXL2CollectorProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IPFIXL2CollectorProfile",
"type": "object"
}
ChildIPFIXL2Profile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IPFIXL2Profile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIPFIXL2Profile",
"module_id": "PolicyIPFIXSwitch",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPFIXL2Profile"
},
"properties": {
"IPFIXL2Profile": {
"$ref": "IPFIXL2Profile,
"description": "Contains the actual IPFIXL2Profile object",
"required": true,
"title": "IPFIXL2Profile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IPFIXL2Profile",
"type": "object"
}
ChildIPSecVpnDpdProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IPSecVpnDpdProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIPSecVpnDpdProfile",
"module_id": "PolicyVpnIPSecVpn",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPSecVpnDpdProfile"
},
"properties": {
"IPSecVpnDpdProfile": {
"$ref": "IPSecVpnDpdProfile,
"description": "Contains the actual IPSecVpnDpdProfile object.",
"required": true,
"title": "IPSecVpnDpdProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IPSecVpnDpdProfile",
"type": "object"
}
ChildIPSecVpnIkeProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IPSecVpnIkeProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIPSecVpnIkeProfile",
"module_id": "PolicyVpnIPSecVpn",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPSecVpnIkeProfile"
},
"properties": {
"IPSecVpnIkeProfile": {
"$ref": "IPSecVpnIkeProfile,
"description": "Contains the actual IPSecVpnIkeProfile object.",
"required": true,
"title": "IPSecVpnIkeProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IPSecVpnIkeProfile",
"type": "object"
}
ChildIPSecVpnLocalEndpoint (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IPSecVpnLocalEndpoint, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIPSecVpnLocalEndpoint",
"module_id": "PolicyVpnIPSecVpn",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPSecVpnLocalEndpoint"
},
"properties": {
"IPSecVpnLocalEndpoint": {
"$ref": "IPSecVpnLocalEndpoint,
"description": "Contains the actual IPSecVpnLocalEndpoint object.",
"required": true,
"title": "IPSecVpnLocalEndpoint"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IPSecVpnLocalEndpoint",
"type": "object"
}
ChildIPSecVpnService (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IPSecVpnService, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIPSecVpnService",
"module_id": "PolicyVpnIPSecVpn",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPSecVpnService"
},
"properties": {
"IPSecVpnService": {
"$ref": "IPSecVpnService,
"description": "Contains the actual IPSecVpnService object.",
"required": true,
"title": "IPSecVpnService"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IPSecVpnService",
"type": "object"
}
ChildIPSecVpnSession (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IPSecVpnSession, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIPSecVpnSession",
"module_id": "PolicyVpnIPSecVpn",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPSecVpnSession"
},
"properties": {
"IPSecVpnSession": {
"$ref": "IPSecVpnSession,
"description": "Contains the actual IPSecVpnSession object.",
"required": true,
"title": "IPSecVpnSession"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IPSecVpnSession",
"type": "object"
}
ChildIPSecVpnTunnelProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IPSecVpnTunnelProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIPSecVpnTunnelProfile",
"module_id": "PolicyVpnIPSecVpn",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIPSecVpnTunnelProfile"
},
"properties": {
"IPSecVpnTunnelProfile": {
"$ref": "IPSecVpnTunnelProfile,
"description": "Contains the actual IPSecVpnTunnelProfile object",
"required": true,
"title": "IPSecVpnTunnelProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IPSecVpnTunnelProfile",
"type": "object"
}
ChildIdsClusterConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsClusterConfig, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIdsClusterConfig",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsClusterConfig"
},
"properties": {
"IdsClusterConfig": {
"$ref": "IdsClusterConfig,
"description": "Contains the IdsClusterConfig object",
"required": true,
"title": "IdsClusterConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsClusterConfig",
"type": "object"
}
ChildIdsGatewayPolicy (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsGatewayPolicy, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIdsGatewayPolicy",
"module_id": "PolicyIDSGateway",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsGatewayPolicy"
},
"properties": {
"IdsGatewayPolicy": {
"$ref": "IdsGatewayPolicy,
"description": "Contains the IdsGatewayPolicy object",
"required": true,
"title": "IdsGatewayPolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsGatewayPolicy",
"type": "object"
}
ChildIdsGlobalEventConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsGlobalEventConfig, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIdsGlobalEventConfig",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsGlobalEventConfig"
},
"properties": {
"IdsGlobalEventConfig": {
"$ref": "IdsGlobalEventConfig,
"description": "Contains the IdsGlobalEventConfig object",
"required": true,
"title": "IdsGlobalEventConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsGlobalEventConfig",
"type": "object"
}
ChildIdsProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIdsProfile",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsProfile"
},
"properties": {
"IdsProfile": {
"$ref": "IdsProfile,
"description": "Contains the IdsProfile object",
"required": true,
"title": "IdsProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsProfile",
"type": "object"
}
ChildIdsRule (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsRule, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIdsRule",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsRule"
},
"properties": {
"IdsRule": {
"$ref": "IdsRule,
"description": "Contains the IdsRule object",
"required": true,
"title": "IdsRule"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsRule",
"type": "object"
}
ChildIdsSecurityPolicy (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsSecurityPolicy, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIdsSecurityPolicy",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsSecurityPolicy"
},
"properties": {
"IdsSecurityPolicy": {
"$ref": "IdsSecurityPolicy,
"description": "Contains the IdsSecurityPolicy object",
"required": true,
"title": "IdsSecurityPolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsSecurityPolicy",
"type": "object"
}
ChildIdsSettings (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsSettings, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIdsSettings",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsSettings"
},
"properties": {
"IdsSettings": {
"$ref": "IdsSettings,
"description": "Contains the IdsSettings object",
"required": true,
"title": "IdsSettings"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsSettings",
"type": "object"
}
ChildIdsSignature (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsSignature, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIdsSignature",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsSignature"
},
"properties": {
"IdsSignature": {
"$ref": "IdsSignature,
"description": "Contains the IdsSignature object",
"required": true,
"title": "IdsSignature"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsSignature",
"type": "object"
}
ChildIdsSignatureStatus (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsSignatureStatus, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIdsSignatureStatus",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsSignatureStatus"
},
"properties": {
"IdsSignatureStatus": {
"$ref": "IdsSignatureStatus,
"description": "Contains the IdsSignatureStatus object",
"required": true,
"title": "IdsSignatureStatus"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsSignatureStatus",
"type": "object"
}
ChildIdsStandaloneHostConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IdsStandaloneHostConfig, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIdsStandaloneHostConfig",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIdsStandaloneHostConfig"
},
"properties": {
"IdsStandaloneHostConfig": {
"$ref": "IdsStandaloneHostConfig,
"description": "Contains the IdsStandaloneHostConfig object",
"required": true,
"title": "IdsStandaloneHostConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IdsStandaloneHostConfig",
"type": "object"
}
ChildInfra (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Infra, used in multi-tenancy hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildInfra",
"module_id": "Policy",
"properties": {
"Infra": {
"$ref": "Infra,
"description": "Contains the actual Infra object",
"required": true,
"title": "Infra"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Infra",
"type": "object"
}
ChildIpAddressAllocation (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IpAddressAllocation, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIpAddressAllocation",
"module_id": "PolicyIpam",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIpAddressAllocation"
},
"properties": {
"IpAddressAllocation": {
"$ref": "IpAddressAllocation,
"description": "Contains the actual IpAddressAllocation object",
"required": true,
"title": "IpAddressAllocation"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IpAddressAllocation",
"type": "object"
}
ChildIpAddressBlock (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IpAddressBlock, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIpAddressBlock",
"module_id": "PolicyIpam",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIpAddressBlock"
},
"properties": {
"IpAddressBlock": {
"$ref": "IpAddressBlock,
"description": "Contains the actual IpAddressBlock object",
"required": true,
"title": "IpAddressBlock"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IpAddressBlock",
"type": "object"
}
ChildIpAddressPool (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IpAddressPool, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIpAddressPool",
"module_id": "PolicyIpam",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIpAddressPool"
},
"properties": {
"IpAddressPool": {
"$ref": "IpAddressPool,
"description": "Contains the actual IpAddressPool object",
"required": true,
"title": "IpAddressPool"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IpAddressPool",
"type": "object"
}
ChildIpAddressPoolSubnet (type)
{
"additionalProperties": false,
"description": "Child wrapper object for IpAddressPoolSubnet, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIpAddressPoolSubnet",
"module_id": "PolicyIpam",
"polymorphic-type-descriptor": {
"type-identifier": "ChildIpAddressPoolSubnet"
},
"properties": {
"IpAddressPoolSubnet": {
"$ref": "IpAddressPoolSubnet,
"description": "Contains the actual IpAddressPoolSubnet object",
"required": true,
"title": "IpAddressPoolSubnet"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for IpAddressPoolSubnet",
"type": "object"
}
ChildIpv6DadProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Ipv6DadProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIpv6DadProfile",
"module_id": "PolicyConnectivity",
"properties": {
"Ipv6DadProfile": {
"$ref": "Ipv6DadProfile,
"description": "Contains the actual Ipv6DadProfile objects",
"required": true,
"title": "Ipv6DadProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Ipv6DadProfile",
"type": "object"
}
ChildIpv6NdraProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Ipv6NdraProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildIpv6NdraProfile",
"module_id": "PolicyConnectivity",
"properties": {
"Ipv6NdraProfile": {
"$ref": "Ipv6NdraProfile,
"description": "Contains the actual Ipv6NdraProfile objects",
"required": true,
"title": "Ipv6NdraProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Ipv6NdraProfile",
"type": "object"
}
ChildL2BridgeEndpointProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for L2BridgeEndpointProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildL2BridgeEndpointProfile",
"module_id": "PolicyConnectivity",
"properties": {
"L2BridgeEndpointProfile": {
"$ref": "L2BridgeEndpointProfile,
"description": "Contains the actual L2BridgeEndpointProfile object",
"required": true,
"title": "L2BridgeEndpointProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for L2BridgeEndpointProfile",
"type": "object"
}
ChildL2VPNService (type)
{
"additionalProperties": false,
"description": "Child wrapper object for L2VPNService, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildL2VPNService",
"module_id": "PolicyVpnLayer2VPN",
"polymorphic-type-descriptor": {
"type-identifier": "ChildL2VPNService"
},
"properties": {
"L2VPNService": {
"$ref": "L2VPNService,
"description": "Contains the actual L2VPNService object.",
"required": true,
"title": "L2VPNService"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for L2VPNService",
"type": "object"
}
ChildL2VPNSession (type)
{
"additionalProperties": false,
"description": "Child wrapper object for L2VPNSession, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildL2VPNSession",
"module_id": "PolicyVpnLayer2VPN",
"polymorphic-type-descriptor": {
"type-identifier": "ChildL2VPNSession"
},
"properties": {
"L2VPNSession": {
"$ref": "L2VPNSession,
"description": "Contains the actual L2VPNSession object.",
"required": true,
"title": "L2VPNSession"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for L2VPNSession",
"type": "object"
}
ChildL2Vpn (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Child wrapper object for L2Vpn, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildL2Vpn",
"module_id": "PolicyL2Vpn",
"polymorphic-type-descriptor": {
"type-identifier": "ChildL2Vpn"
},
"properties": {
"L2Vpn": {
"$ref": "L2Vpn,
"description": "Contains the actual L2Vpn object.",
"required": true,
"title": "L2Vpn"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for L2Vpn",
"type": "object"
}
ChildL2VpnContext (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Child wrapper object for L2VpnContext, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildL2VpnContext",
"module_id": "PolicyL2Vpn",
"polymorphic-type-descriptor": {
"type-identifier": "ChildL2VpnContext"
},
"properties": {
"L2VpnContext": {
"$ref": "L2VpnContext,
"description": "Contains the actual L2VpnContext object.",
"required": true,
"title": "L2VpnContext"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for L2VpnContext",
"type": "object"
}
ChildL3Vpn (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Child wrapper object for L3Vpn, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildL3Vpn",
"module_id": "PolicyL3Vpn",
"polymorphic-type-descriptor": {
"type-identifier": "ChildL3Vpn"
},
"properties": {
"L3Vpn": {
"$ref": "L3Vpn,
"description": "Contains the actual L3Vpn object.",
"required": true,
"title": "L3Vpn"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for L3Vpn",
"type": "object"
}
ChildL3VpnContext (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Child wrapper object for L3VpnContext, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildL3VpnContext",
"module_id": "PolicyL3Vpn",
"polymorphic-type-descriptor": {
"type-identifier": "ChildL3VpnContext"
},
"properties": {
"L3VpnContext": {
"$ref": "L3VpnContext,
"description": "Contains the actual L3VpnContext object.",
"required": true,
"title": "L3VpnContext"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for L3VpnContext",
"type": "object"
}
ChildL7AccessEntry (type)
{
"additionalProperties": false,
"description": "Child wrapper object for L7 Access Entry, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildL7AccessEntry",
"module_id": "L7AccessProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildL7AccessEntry"
},
"properties": {
"L7AccessEntry": {
"$ref": "L7AccessEntry,
"description": "Contains the actual L7 access entry object",
"required": true,
"title": "L7 Access Entry"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for L7 Access Entry",
"type": "object"
}
ChildL7AccessProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for L7 Access Profile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildL7AccessProfile",
"module_id": "L7AccessProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildL7AccessProfile"
},
"properties": {
"L7AccessProfile": {
"$ref": "L7AccessProfile,
"description": "Contains the actual L7 access profile object",
"required": true,
"title": "L7 access profile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for L7 Access Profile",
"type": "object"
}
ChildLBAppProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper for LBAppProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildLBAppProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildLBAppProfile"
},
"properties": {
"LBAppProfile": {
"$ref": "LBAppProfile,
"description": "Contains the actual LBAppProfile object.",
"required": true,
"title": "LBAppProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for LBAppProfile",
"type": "object"
}
ChildLBClientSslProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Child wrapper for LBClientSslProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildLBClientSslProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildLBClientSslProfile"
},
"properties": {
"LBClientSslProfile": {
"$ref": "LBClientSslProfile,
"description": "Contains the actual LBClientSslProfile object.",
"required": true,
"title": "LBClientSslProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for LBClientSslProfile",
"type": "object"
}
ChildLBMonitorProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Child wrapper for LBMonitorProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildLBMonitorProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildLBMonitorProfile"
},
"properties": {
"LBMonitorProfile": {
"$ref": "LBMonitorProfile,
"description": "Contains the actual LBMonitorProfile object.",
"required": true,
"title": "LBMonitorProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for LBMonitorProfile",
"type": "object"
}
ChildLBPersistenceProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper for LBPersistenceProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildLBPersistenceProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildLBPersistenceProfile"
},
"properties": {
"LBPersistenceProfile": {
"$ref": "LBPersistenceProfile,
"description": "Contains the actual LBPersistenceProfile object.",
"required": true,
"title": "LBPersistenceProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for LBPersistenceProfile",
"type": "object"
}
ChildLBPool (type)
{
"additionalProperties": false,
"description": "Child wrapper for LBPool, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildLBPool",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildLBPool"
},
"properties": {
"LBPool": {
"$ref": "LBPool,
"description": "Contains the actual LBPool object.",
"required": true,
"title": "LBPool"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for LBPool",
"type": "object"
}
ChildLBServerSslProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Child wrapper for LBServerSslProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildLBServerSslProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildLBServerSslProfile"
},
"properties": {
"LBServerSslProfile": {
"$ref": "LBServerSslProfile,
"description": "Contains the actual LBServerSslProfile object.",
"required": true,
"title": "LBServerSslProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for LBServerSslProfile",
"type": "object"
}
ChildLBService (type)
{
"additionalProperties": false,
"description": "Child wrapper for LBService, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildLBService",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildLBService"
},
"properties": {
"LBService": {
"$ref": "LBService,
"description": "Contains the actual LBService object.",
"required": true,
"title": "LBService"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for LBService",
"type": "object"
}
ChildLBVirtualServer (type)
{
"additionalProperties": false,
"description": "Child wrapper for LBVirtualServer, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildLBVirtualServer",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "ChildLBVirtualServer"
},
"properties": {
"LBVirtualServer": {
"$ref": "LBVirtualServer,
"description": "Contains the actual LBVirtualServer object.",
"required": true,
"title": "LBVirtualServer"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for LBVirtualServer",
"type": "object"
}
ChildLiveTraceConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper for LiveTraceConfig for Hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildLiveTraceConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildLiveTraceConfig"
},
"properties": {
"LiveTraceConfig": {
"$ref": "LiveTraceConfig,
"description": "The actual LiveTraceConfig object.",
"required": true,
"title": "LiveTraceConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for LiveTraceConfig",
"type": "object"
}
ChildLocaleServices (type)
{
"additionalProperties": false,
"description": "Child wrapper object for LocaleServices, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildLocaleServices",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildLocaleServices"
},
"properties": {
"LocaleServices": {
"$ref": "LocaleServices,
"description": "Contains the actual LocaleServices object",
"required": true,
"title": "LocaleServices"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for LocaleServices",
"type": "object"
}
ChildMacDiscoveryProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for MacDiscoveryProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildMacDiscoveryProfile",
"module_id": "PolicyMacDiscovery",
"polymorphic-type-descriptor": {
"type-identifier": "ChildMacDiscoveryProfile"
},
"properties": {
"MacDiscoveryProfile": {
"$ref": "MacDiscoveryProfile,
"description": "Contains the actual MacDiscoveryProfile object",
"required": true,
"title": "MacDiscoveryProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for MacDiscoveryProfile",
"type": "object"
}
ChildMalwarePreventionProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for MalwarePreventionProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildMalwarePreventionProfile",
"module_id": "PolicyAntiMalware",
"polymorphic-type-descriptor": {
"type-identifier": "ChildMalwarePreventionProfile"
},
"properties": {
"MalwarePreventionProfile": {
"$ref": "MalwarePreventionProfile,
"description": "Contains the MalwarePreventionProfile object",
"required": true,
"title": "MalwarePreventionProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for MalwarePreventionProfile",
"type": "object"
}
ChildMalwarePreventionSignature (type)
{
"additionalProperties": false,
"description": "Child wrapper object for MalwarePreventionSignature, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildMalwarePreventionSignature",
"module_id": "PolicyAntiMalware",
"polymorphic-type-descriptor": {
"type-identifier": "ChildMalwarePreventionSignature"
},
"properties": {
"MalwarePreventionSignature": {
"$ref": "MalwarePreventionSignature,
"description": "Contains the MalwarePreventionSignature object",
"required": true,
"title": "MalwarePreventionSignature"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for MalwarePreventionSignature",
"type": "object"
}
ChildMetadataProxyConfig (type)
{
"additionalProperties": false,
"descritpion": "Child wrapper object for MetadataProxyConfig, used in hierarchical APIs",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildMetadataProxyConfig",
"module_id": "PolicyMetadataProxy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildMetadataProxyConfig"
},
"properties": {
"MetadataProxyConfig": {
"$ref": "MetadataProxyConfig,
"description": "Contains the actual MetadataProxyConfig object.",
"required": true,
"title": "MetadataProxyConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for MetadataProxyConfig",
"type": "object"
}
ChildOpsGlobalConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for OpsGlobalConfig, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildOpsGlobalConfig",
"module_id": "Policy",
"properties": {
"GlobalConfig": {
"$ref": "OpsGlobalConfig,
"description": "Contains the actual OpsGlobalConfig object.",
"required": true,
"title": "OpsGlobalConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for OpsGlobalConfig",
"type": "object"
}
ChildOspfAreaConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for OspfAreaConfig used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildOspfAreaConfig",
"module_id": "PolicyOspf",
"properties": {
"OspfAreaConfig": {
"$ref": "OspfAreaConfig,
"description": "Contains actual OspfAreaConfig.",
"required": true,
"title": "OspfAreaConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for OSPF routing config",
"type": "object"
}
ChildOspfRoutingConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for OspfRoutingConfig used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildOspfRoutingConfig",
"module_id": "PolicyOspf",
"properties": {
"OspfRoutingConfig": {
"$ref": "OspfRoutingConfig,
"description": "Contains actual OspfRoutingConfig.",
"required": true,
"title": "OspfRoutingConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for OSPF routing config",
"type": "object"
}
ChildPolicyConfigResource (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Represents an object on the desired state",
"extends": {
"$ref": "ManagedResource
},
"id": "ChildPolicyConfigResource",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Represents the desired state object as child resource",
"type": "object"
}
ChildPolicyContextProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyContextProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyContextProfile",
"module_id": "PolicyContextProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyContextProfile"
},
"properties": {
"PolicyContextProfile": {
"$ref": "PolicyContextProfile,
"description": "Contains the actual PolicyContextProfile objects",
"required": true,
"title": "PolicyContextProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyContextProfile",
"type": "object"
}
ChildPolicyCustomAttributes (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyCustomAttributes, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyCustomAttributes",
"module_id": "PolicyContextProfile",
"properties": {
"PolicyCustomAttributes": {
"$ref": "PolicyCustomAttributes,
"description": "Contains the actual PolicyCustomAttributes objects",
"required": true,
"title": "PolicyCustomAttributes"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyCustomAttributes",
"type": "object"
}
ChildPolicyDnsForwarder (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyDnsForwarder, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyDnsForwarder",
"module_id": "PolicyDnsForwarder",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyDnsForwarder"
},
"properties": {
"PolicyDnsForwarder": {
"$ref": "PolicyDnsForwarder,
"description": "Contains the actual PolicyDnsForwarder object",
"required": true,
"title": "PolicyDnsForwarder"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyDnsForwarder",
"type": "object"
}
ChildPolicyDnsForwarderZone (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyDnsForwarderZone, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyDnsForwarderZone",
"module_id": "PolicyDnsForwarder",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyDnsForwarderZone"
},
"properties": {
"PolicyDnsForwarderZone": {
"$ref": "PolicyDnsForwarderZone,
"description": "Contains the actual PolicyDnsForwarderZone object",
"required": true,
"title": "PolicyDnsForwarderZone"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyDnsForwarderZone",
"type": "object"
}
ChildPolicyEdgeCluster (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyEdgeCluster, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyEdgeCluster",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyEdgeCluster"
},
"properties": {
"PolicyEdgeCluster": {
"$ref": "PolicyEdgeCluster,
"description": "Contains the actual PolicyEdgeCluster object.",
"required": true,
"title": "PolicyEdgeCluster"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyEdgeCluster",
"type": "object"
}
ChildPolicyEdgeNode (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyEdgeNode, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyEdgeNode",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyEdgeNode"
},
"properties": {
"PolicyEdgeNode": {
"$ref": "PolicyEdgeNode,
"description": "Contains the actual PolicyEdgeNode object.",
"required": true,
"title": "PolicyEdgeNode"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyEdgeNode",
"type": "object"
}
ChildPolicyExcludeList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyExcludeList",
"module_id": "PolicyFirewallConfiguration",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyExcludeList"
},
"properties": {
"PolicyExcludeList": {
"$ref": "PolicyExcludeList,
"description": "Contains the actual policy exclude list object.",
"required": true,
"title": "PolicyExcludeList"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyExcludeList",
"type": "object"
}
ChildPolicyFirewallCPUMemThresholdsProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyFirewallCPUMemThresholdsProfileBindingMap, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyFirewallCPUMemThresholdsProfileBindingMap",
"module_id": "PolicyFirewallCPUMemThresholdsProfileBinding",
"properties": {
"PolicyFirewallCPUMemThresholdsProfileBindingMap": {
"$ref": "PolicyFirewallCPUMemThresholdsProfileBindingMap,
"description": "Contains the actual PolicyFirewallCPUMemThresholdsProfileBindingMap object.",
"required": true,
"title": "PolicyFirewallCPUMemThresholdsProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyFirewallCPUMemThresholdsProfileBindingMap",
"type": "object"
}
ChildPolicyFirewallCpuMemThresholdsProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyFirewallCpuMemThresholdsProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyFirewallCpuMemThresholdsProfile",
"module_id": "PolicyProfile",
"properties": {
"PolicyFirewallCpuMemThresholdsProfile": {
"$ref": "PolicyFirewallCpuMemThresholdsProfile,
"description": "Contains the actual PolicyFirewallCpuMemThresholdsProfile object",
"required": true,
"title": "PolicyFirewallCpuMemThresholdsProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyFirewallCpuMemThresholdsProfile",
"type": "object"
}
ChildPolicyFirewallFloodProtectionProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyFirewallFloodProtectionProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyFirewallFloodProtectionProfileBindingMap",
"module_id": "PolicyFirewallFloodProtectionProfileBinding",
"properties": {
"PolicyFirewallFloodProtectionProfileBindingMap": {
"$ref": "PolicyFirewallFloodProtectionProfileBindingMap,
"description": "Contains the actual PolicyFirewallFloodProtectionProfileBindingMap object",
"required": true,
"title": "PolicyFirewallFloodProtectionProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyFirewallFloodProtectionProfileBindingMap",
"type": "object"
}
ChildPolicyFirewallScheduler (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyFirewallScheduler, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyFirewallScheduler",
"module_id": "PolicyFirewallScheduler",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyFirewallScheduler"
},
"properties": {
"PolicyFirewallScheduler": {
"$ref": "PolicyFirewallScheduler,
"description": "Contains the actual PolicyFirewallScheduler objects",
"required": true,
"title": "PolicyFirewallScheduler"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyFirewallScheduler",
"type": "object"
}
ChildPolicyFirewallSessionTimerProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyFirewallSessionTimerProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyFirewallSessionTimerProfile",
"module_id": "PolicyFirewallSessionTimerProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyFirewallSessionTimerProfile"
},
"properties": {
"PolicyFirewallSessionTimerProfile": {
"$ref": "PolicyFirewallSessionTimerProfile,
"description": "Contains the actual PolicyFirewallSessionTimerProfile object",
"required": true,
"title": "PolicyFirewallSessionTimerProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyFirewallSessionTimerProfile",
"type": "object"
}
ChildPolicyFirewallSessionTimerProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyFirewallSessionTimerProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyFirewallSessionTimerProfileBindingMap",
"module_id": "PolicyFirewallSessionTimerProfileBinding",
"properties": {
"PolicyFirewallSessionTimerProfileBindingMap": {
"$ref": "PolicyFirewallSessionTimerProfileBindingMap,
"description": "Contains the actual PolicyFirewallSessionTimerProfileBindingMap object",
"required": true,
"title": "PolicyFirewallSessionTimerProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyFirewallSessionTimerProfileBindingMap",
"type": "object"
}
ChildPolicyIgmpProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyIgmpProfile used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyIgmpProfile",
"module_id": "PolicyMulticast",
"properties": {
"PolicyIgmpProfile": {
"$ref": "PolicyIgmpProfile,
"description": "Contains actual PolicyIgmpProfile.",
"required": true,
"title": "PolicyIgmpProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyIgmpProfile",
"type": "object"
}
ChildPolicyLabel (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyLabel, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyLabel",
"module_id": "PolicyLabel",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyLabel"
},
"properties": {
"PolicyLabel": {
"$ref": "PolicyLabel,
"description": "Contains the actual PolicyLabel object",
"required": true,
"title": "PolicyLabel"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyLabel",
"type": "object"
}
ChildPolicyLatencyStatProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyLatencyStatProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyLatencyStatProfile",
"module_id": "PolicyLatency",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyLatencyStatProfile"
},
"properties": {
"PolicyLatencyStatProfile": {
"$ref": "PolicyLatencyStatProfile,
"description": "Contains the actual PolicyLatencyStatProfile object",
"required": true,
"title": "PolicyLatencyStatProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyLatencyStatProfile",
"type": "object"
}
ChildPolicyMulticastConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyMulticastConfig used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyMulticastConfig",
"module_id": "PolicyMulticast",
"properties": {
"PolicyMulticastConfig": {
"$ref": "PolicyMulticastConfig,
"description": "Contains actual PolicyMulticastConfig.",
"required": true,
"title": "PolicyMulticastConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyMulticastConfig",
"type": "object"
}
ChildPolicyNat (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyNat, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyNat",
"module_id": "PolicyNAT",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyNat"
},
"properties": {
"PolicyNat": {
"$ref": "PolicyNat,
"description": "Contains the actual PolicyNAT object",
"required": true,
"title": "PolicyNat"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyNat",
"type": "object"
}
ChildPolicyNatRule (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyNatRule, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyNatRule",
"module_id": "PolicyNAT",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyNatRule"
},
"properties": {
"PolicyNatRule": {
"$ref": "PolicyNatRule,
"description": "Contains the actual PolicyNatRule object",
"required": true,
"title": "PolicyNatRule"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyNatRule",
"type": "object"
}
ChildPolicyPimProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyPimProfile used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyPimProfile",
"module_id": "PolicyMulticast",
"properties": {
"PolicyPimProfile": {
"$ref": "PolicyPimProfile,
"description": "Contains actual PolicyPimProfile.",
"required": true,
"title": "PolicyPimProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyPimProfile",
"type": "object"
}
ChildPolicySIExcludeList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicySIExcludeList",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicySIExcludeList"
},
"properties": {
"PolicySIExcludeList": {
"$ref": "PolicySIExcludeList,
"description": "Contains the actual policy exclude list object.",
"required": true,
"title": "PolicySIExcludeList"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicySIExcludeList",
"type": "object"
}
ChildPolicyServiceChain (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyServiceInstance used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyServiceChain",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyServiceChain"
},
"properties": {
"PolicyServiceChain": {
"$ref": "PolicyServiceChain,
"description": "Contains actual PolicyServiceChain.",
"required": true,
"title": "PolicyServiceChain"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyServiceChain",
"type": "object"
}
ChildPolicyServiceInstance (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyServiceInstance used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyServiceInstance",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyServiceInstance"
},
"properties": {
"PolicyServiceInstance": {
"$ref": "PolicyServiceInstance,
"description": "Contains actual PolicyServiceInstance.",
"required": true,
"title": "PolicyServiceInstance"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyServiceInstance",
"type": "object"
}
ChildPolicyServiceProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyServiceProfile used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyServiceProfile",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyServiceProfile"
},
"properties": {
"PolicyServiceProfile": {
"$ref": "PolicyServiceProfile,
"description": "Contains actual PolicyServiceProfile.",
"required": true,
"title": "PolicyServiceProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyServiceProfile",
"type": "object"
}
ChildPolicyTier1MulticastConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyTier1MulticastConfig used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyTier1MulticastConfig",
"module_id": "PolicyMulticast",
"properties": {
"PolicyTier1MulticastConfig": {
"$ref": "PolicyTier1MulticastConfig,
"description": "Contains actual PolicyTier1MulticastConfig.",
"required": true,
"title": "PolicyTier1MulticastConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyTier1MulticastConfig",
"type": "object"
}
ChildPolicyTlsConfigProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyTlsConfigProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyTlsConfigProfile",
"module_id": "PolicyTlsConfigProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyTlsConfigProfile"
},
"properties": {
"PolicyTlsConfigProfile": {
"$ref": "PolicyTlsConfigProfile,
"description": "Contains the actual PolicyTlsConfigProfile object",
"required": true,
"title": "PolicyTlsConfigProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyTlsConfigProfile",
"type": "object"
}
ChildPolicyTransportZone (type)
{
"description": "Child wrapper object for PolicyTransportZone, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyTransportZone",
"module_id": "PolicyTransportZone",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyTransportZone"
},
"properties": {
"PolicyTransportZone": {
"$ref": "PolicyTransportZone,
"additionalProperties": false,
"description": "Contains the actual PolicyTransportZone object.",
"required": true,
"title": "PolicyTransportZone"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyTransportZone",
"type": "object"
}
ChildPolicyTransportZoneProfile (type)
{
"description": "Child wrapper object for PolicyTransportZoneProfile, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyTransportZoneProfile",
"module_id": "PolicyTransportZoneProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyTransportZoneProfile"
},
"properties": {
"PolicyTransportZoneProfile": {
"$ref": "PolicyTransportZoneProfile,
"additionalProperties": false,
"description": "Contains the actual PolicyTransportZoneProfile object.",
"required": true,
"title": "PolicyTransportZoneProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyTransportZoneProfile",
"type": "object"
}
ChildPolicyUrlCategorizationConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PolicyUrlCategorizationConfig, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPolicyUrlCategorizationConfig",
"module_id": "PolicyUrlCategorization",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicyUrlCategorizationConfig"
},
"properties": {
"PolicyUrlCategorizationConfig": {
"$ref": "PolicyUrlCategorizationConfig,
"description": "Contains the actual PolicyUrlCategorizationConfig object",
"required": true,
"title": "URL Categorization Config"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicyUrlCategorizationConfig",
"type": "object"
}
ChildPortDiscoveryProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PortDiscoveryProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPortDiscoveryProfileBindingMap",
"module_id": "PolicyDiscoveryProfileBinding",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPortDiscoveryProfileBindingMap"
},
"properties": {
"PortDiscoveryProfileBindingMap": {
"$ref": "PortDiscoveryProfileBindingMap,
"description": "Contains the actual PortDiscoveryProfileBindingMap object",
"required": true,
"title": "PortDiscoveryProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PortDiscoveryProfileBindingMap",
"type": "object"
}
ChildPortMirroringProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PortMirroringProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPortMirroringProfile",
"module_id": "PolicyPortMirroring",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPortMirroringProfile"
},
"properties": {
"PortMirroringProfile": {
"$ref": "PortMirroringProfile,
"description": "Contains the actual PortMirroringProfile object",
"required": true,
"title": "PortMirroringProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PortMirroringProfile",
"type": "object"
}
ChildPortMonitoringProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PortMonitoringProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPortMonitoringProfileBindingMap",
"module_id": "PolicyMonitoringProfileBinding",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPortMonitoringProfileBindingMap"
},
"properties": {
"PortMonitoringProfileBindingMap": {
"$ref": "PortMonitoringProfileBindingMap,
"description": "Contains the actual PortMonitoringProfileBindingMap object",
"required": true,
"title": "PortMonitoringProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PortMonitoringProfileBindingMap",
"type": "object"
}
ChildPortQoSProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PortQoSProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPortQoSProfileBindingMap",
"module_id": "PolicyQoSProfileBinding",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPortQoSProfileBindingMap"
},
"properties": {
"PortQoSProfileBindingMap": {
"$ref": "PortQoSProfileBindingMap,
"description": "Contains the actual PortQoSProfileBindingMap object",
"required": true,
"title": "PortQoSProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PortQoSProfileBindingMap",
"type": "object"
}
ChildPortSecurityProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PortSecurityProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPortSecurityProfileBindingMap",
"module_id": "PolicySecurityProfileBinding",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPortSecurityProfileBindingMap"
},
"properties": {
"PortSecurityProfileBindingMap": {
"$ref": "PortSecurityProfileBindingMap,
"description": "Contains the actual PortSecurityProfileBindingMap object",
"required": true,
"title": "PortSecurityProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PortSecurityProfileBindingMap",
"type": "object"
}
ChildPrefixList (type)
{
"additionalProperties": false,
"description": "Child wrapper object for PrefixList, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildPrefixList",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPrefixList"
},
"properties": {
"PrefixList": {
"$ref": "PrefixList,
"description": "Contains the actual PrefixList object.",
"required": true,
"title": "PrefixList"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PrefixList",
"type": "object"
}
ChildQoSProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for QoSProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildQoSProfile",
"module_id": "PolicyQoS",
"polymorphic-type-descriptor": {
"type-identifier": "ChildQoSProfile"
},
"properties": {
"QoSProfile": {
"$ref": "QoSProfile,
"description": "Contains the actual QoSProfile object",
"required": true,
"title": "QoSProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for QoSProfile",
"type": "object"
}
ChildReaction (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Reaction used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildReaction",
"module_id": "PolicyReaction",
"properties": {
"Reaction": {
"$ref": "Reaction,
"description": "Contains the actual Reaction object.",
"required": true,
"title": "Reaction"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Reaction",
"type": "object"
}
ChildRedirectionPolicy (type)
{
"additionalProperties": false,
"description": "Child wrapper object for RedirectionPolicy used in Hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildRedirectionPolicy",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ChildRedirectionPolicy"
},
"properties": {
"RedirectionPolicy": {
"$ref": "RedirectionPolicy,
"description": "Contains actual RedirectionPolicy.",
"required": true,
"title": "RedirectionPolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for RedirectionPolicy\n",
"type": "object"
}
ChildRedirectionRule (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ChildRedirectionRule used in Hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildRedirectionRule",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ChildRedirectionRule"
},
"properties": {
"RedirectionRule": {
"$ref": "RedirectionRule,
"description": "Contains actual RedirectionRule.",
"required": true,
"title": "RedirectionRule"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for RedirectionRule\n",
"type": "object"
}
ChildResourceReference (type)
{
"additionalProperties": false,
"description": "Represents a reference to ChildPolicyConfigResource in the hierarchical API. resource_type, id and target_type are mandatory fields.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildResourceReference",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"target_type": {
"required": true,
"title": "The target type of this reference",
"type": "string"
}
},
"title": "Represents the reference to ChildPolicyConfigResource",
"type": "object"
}
ChildRule (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Rule, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildRule",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildRule"
},
"properties": {
"Rule": {
"$ref": "Rule,
"description": "Contains the actual Rule object",
"required": true,
"title": "Rule"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Rule",
"type": "object"
}
ChildSIStatusConfiguration (type)
{
"additionalProperties": false,
"experimental": true,
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildSIStatusConfiguration",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ChildPolicySIStatusConfiguration"
},
"properties": {
"PolicySIStatusConfiguration": {
"$ref": "PolicySIStatusConfiguration,
"description": "Contains the actual service insertion status configuration list object.",
"required": true
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for PolicySIStatusConfiguration",
"type": "object"
}
ChildSecurityFeatures (type)
{
"additionalProperties": false,
"description": "Child wrapper object for T1 Security Feature, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildSecurityFeatures",
"module_id": "PolicyGatewaySecurityFeature",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSecurityFeatures"
},
"properties": {
"SecurityFeatures": {
"$ref": "SecurityFeatures,
"description": "Contains the actual SecurityFeatures object",
"required": true,
"title": "Security configs"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Security Feature",
"type": "object"
}
ChildSecurityPolicy (type)
{
"additionalProperties": false,
"description": "Child wrapper object for SecurityPolicy, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildSecurityPolicy",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSecurityPolicy"
},
"properties": {
"SecurityPolicy": {
"$ref": "SecurityPolicy,
"description": "Contains the actual SecurityPolicy object",
"required": true,
"title": "SecurityPolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SecurityPolicy",
"type": "object"
}
ChildSegment (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Segment, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildSegment",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSegment"
},
"properties": {
"Segment": {
"$ref": "Segment,
"description": "Contains the actual Segment object.",
"required": true,
"title": "Segment"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Segment",
"type": "object"
}
ChildSegmentDiscoveryProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for SegmentDiscoveryProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildSegmentDiscoveryProfileBindingMap",
"module_id": "PolicyDiscoveryProfileBinding",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSegmentDiscoveryProfileBindingMap"
},
"properties": {
"SegmentDiscoveryProfileBindingMap": {
"$ref": "SegmentDiscoveryProfileBindingMap,
"description": "Contains the actual SegmentDiscoveryProfileBindingMap object",
"required": true,
"title": "SegmentDiscoveryProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SegmentDiscoveryProfileBindingMap",
"type": "object"
}
ChildSegmentMonitoringProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for SegmentMonitoringProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildSegmentMonitoringProfileBindingMap",
"module_id": "PolicyMonitoringProfileBinding",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSegmentMonitoringProfileBindingMap"
},
"properties": {
"SegmentMonitoringProfileBindingMap": {
"$ref": "SegmentMonitoringProfileBindingMap,
"description": "Contains the actual SegmentMonitoringProfileBindingMap object",
"required": true,
"title": "SegmentMonitoringProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SegmentMonitoringProfileBindingMap",
"type": "object"
}
ChildSegmentPort (type)
{
"additionalProperties": false,
"description": "Child wrapper object for SegmentPort, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildSegmentPort",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSegmentPort"
},
"properties": {
"SegmentPort": {
"$ref": "SegmentPort,
"description": "Contains the actual SegmentPort object",
"required": true,
"title": "SegmentPort"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SegmentPort",
"type": "object"
}
ChildSegmentQoSProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for SegmentQoSProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildSegmentQoSProfileBindingMap",
"module_id": "PolicyQoSProfileBinding",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSegmentQoSProfileBindingMap"
},
"properties": {
"SegmentQoSProfileBindingMap": {
"$ref": "SegmentQoSProfileBindingMap,
"description": "Contains the actual SegmentQoSProfileBindingMap object",
"required": true,
"title": "SegmentQoSProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SegmentQoSProfileBindingMap",
"type": "object"
}
ChildSegmentSecurityProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for SegmentSecurityProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildSegmentSecurityProfile",
"module_id": "PolicySegmentSecurity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSegmentSecurityProfile"
},
"properties": {
"SegmentSecurityProfile": {
"$ref": "SegmentSecurityProfile,
"description": "Contains the actual SegmentSecurityProfile object",
"required": true,
"title": "SegmentSecurityProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SegmentSecurityProfile",
"type": "object"
}
ChildSegmentSecurityProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for SegmentSecurityProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildSegmentSecurityProfileBindingMap",
"module_id": "PolicySecurityProfileBinding",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSegmentSecurityProfileBindingMap"
},
"properties": {
"SegmentSecurityProfileBindingMap": {
"$ref": "SegmentSecurityProfileBindingMap,
"description": "Contains the actual SegmentSecurityProfileBindingMap object",
"required": true,
"title": "SegmentSecurityProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SegmentSecurityProfileBindingMap",
"type": "object"
}
ChildService (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Service, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildService",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildService"
},
"properties": {
"Service": {
"$ref": "Service,
"description": "Contains the actual Service object.",
"required": true,
"title": "Service"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Service",
"type": "object"
}
ChildServiceEntry (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ServiceEntry, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildServiceEntry",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildServiceEntry"
},
"properties": {
"Service": {
"$ref": "ServiceEntry,
"deprecated": true,
"description": "This is a deprecated property, Please use 'ServiceEntry' instead.",
"title": "ServiceEntry"
},
"ServiceEntry": {
"$ref": "ServiceEntry,
"description": "Contains the actual ServiceEntry object.",
"required": true,
"title": "ServiceEntry"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ServiceEntry",
"type": "object"
}
ChildServiceInstanceEndpoint (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ServiceInstanceEndpoint used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildServiceInstanceEndpoint",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ChildServiceInstanceEndpoint"
},
"properties": {
"ServiceInstanceEndpoint": {
"$ref": "ServiceInstanceEndpoint,
"description": "Contains actual ServiceInstanceEndpoint.",
"required": true,
"title": "ServiceInstanceEndpoint"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ServiceInstanceEndpoint",
"type": "object"
}
ChildServiceInterface (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ServiceInterface, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildServiceInterface",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildServiceInterface"
},
"properties": {
"ServiceInterface": {
"$ref": "ServiceInterface,
"description": "Contains the actual ServiceInterface object.",
"required": true,
"title": "ServiceInterface"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ServiceInterface",
"type": "object"
}
ChildServiceReference (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ServiceReference used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildServiceReference",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ChildServiceReference"
},
"properties": {
"ServiceReference": {
"$ref": "ServiceReference,
"description": "Contains actual ServiceReference.",
"required": true,
"title": "ServiceReference"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ServiceReference",
"type": "object"
}
ChildServiceSegment (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ServiceSegment, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildServiceSegment",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildServiceSegment"
},
"properties": {
"ServiceSegment": {
"$ref": "ServiceSegment,
"description": "Contains the actual ServiceSegment objects",
"required": true,
"title": "ServiceSegments"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SerivceSegment",
"type": "object"
}
ChildSessionTimerProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for SessionTimerProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildSessionTimerProfileBindingMap",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSessionTimerProfileBindingMap"
},
"properties": {
"SessionTimerProfileBindingMap": {
"$ref": "SessionTimerProfileBindingMap,
"description": "Contains the actual SessionTimerProfileBindingMap object",
"required": true,
"title": "SessionTimerProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SessionTimerProfileBindingMap",
"type": "object"
}
ChildShaDynamicPlugin (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ShaDynamicPlugin, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildShaDynamicPlugin",
"module_id": "PolicySha",
"polymorphic-type-descriptor": {
"type-identifier": "ChildShaDynamicPlugin"
},
"properties": {
"ShaPluginProfile": {
"$ref": "ShaDynamicPlugin,
"description": "Contains the actual ShaDynamicPlugin object",
"required": true,
"title": "ShaDynamicPlugin"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ShaDynamicPlugin",
"type": "object"
}
ChildShaPluginProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ShaPluginProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildShaPluginProfile",
"module_id": "PolicySha",
"polymorphic-type-descriptor": {
"type-identifier": "ChildShaPluginProfile"
},
"properties": {
"ShaPluginProfile": {
"$ref": "ShaPluginProfile,
"description": "Contains the actual ShaPluginProfile object",
"required": true,
"title": "ShaPluginProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ShaPluginProfile",
"type": "object"
}
ChildShaPredefinedPlugin (type)
{
"additionalProperties": false,
"description": "Child wrapper object for ShaPredefinedPlugin, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildShaPredefinedPlugin",
"module_id": "PolicySha",
"polymorphic-type-descriptor": {
"type-identifier": "ChildShaPredefinedPlugin"
},
"properties": {
"ShaPluginProfile": {
"$ref": "ShaPredefinedPlugin,
"description": "Contains the actual ShaPredefinedPlugin object",
"required": true,
"title": "ShaPredefinedPlugin"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for ShaDynamicPlugin",
"type": "object"
}
ChildSite (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Site, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildSite",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSite"
},
"properties": {
"Site": {
"$ref": "Site,
"description": "Contains the actual Site object.",
"required": true,
"title": "Site"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Site",
"type": "object"
}
ChildSpoofGuardProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for SpoofGuardProfile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildSpoofGuardProfile",
"module_id": "PolicySpoofGuard",
"polymorphic-type-descriptor": {
"type-identifier": "ChildSpoofGuardProfile"
},
"properties": {
"SpoofGuardProfile": {
"$ref": "SpoofGuardProfile,
"description": "Contains the actual SpoofGuardProfile object",
"required": true,
"title": "SpoofGuardProfile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for SpoofGuardProfile",
"type": "object"
}
ChildStandaloneHostIdfwConfiguration (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildStandaloneHostIdfwConfiguration",
"module_id": "PolicyFirewallConfiguration",
"polymorphic-type-descriptor": {
"type-identifier": "ChildStandaloneHostIdfwConfiguration"
},
"properties": {
"StandaloneHostIdfwConfiguration": {
"$ref": "StandaloneHostIdfwConfiguration,
"description": "Contains the actual standalone host idfw configuration object.",
"required": true,
"title": "StandaloneHostIdfwConfiguration"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for StandaloneHostIdfwConfiguration",
"type": "object"
}
ChildStaticARPConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for StaticARPConfig, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildStaticARPConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildStaticARPConfig"
},
"properties": {
"StaticARPConfig": {
"$ref": "StaticARPConfig,
"description": "Contains the actual StaticARPConfig object.",
"required": true,
"title": "StaticARPConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for StaticARPConfig",
"type": "object"
}
ChildStaticMimeContent (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Static MIME content, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildStaticMimeContent",
"module_id": "PolicyStaticMimeContent",
"polymorphic-type-descriptor": {
"type-identifier": "ChildStaticMimeContent"
},
"properties": {
"TlsProfile": {
"$ref": "StaticMimeContent,
"description": "Contains the actual Static MIME content object.",
"required": true,
"title": "Static Mime Content"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Child Static MIME content",
"type": "object"
}
ChildStaticRouteBfdPeer (type)
{
"additionalProperties": false,
"description": "Child wrapper for StaticRouteBfdPeer, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildStaticRouteBfdPeer",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildStaticRouteBfdPeer"
},
"properties": {
"BfdPeer": {
"$ref": "StaticRouteBfdPeer,
"description": "Contains the actual StaticRouteBfdPeer object.",
"required": true,
"title": "Static Route BFD Peer"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for StaticRouteBfdPeer",
"type": "object"
}
ChildStaticRoutes (type)
{
"additionalProperties": false,
"description": "Child wrapper object for StaticRoutes, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildStaticRoutes",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildStaticRoutes"
},
"properties": {
"StaticRoutes": {
"$ref": "StaticRoutes,
"description": "Contains the actual StaticRoutes object.",
"required": true,
"title": "StaticRoutes"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for StaticRoutes",
"type": "object"
}
ChildTagBulkOperation (type)
{
"additionalProperties": false,
"description": "Child wrapper object for TagBulkOperation, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTagBulkOperation",
"module_id": "PolicyTag",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTagBulkOperation"
},
"properties": {
"TagBulkOperation": {
"$ref": "TagBulkOperation,
"description": "Contains actual TagBulkOperation object.",
"required": true,
"title": "TagBulkOperation"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Child wrapper object for TagBulkOperation",
"type": "object"
}
ChildTier0 (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Tier-0, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTier0",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTier0"
},
"properties": {
"Tier0": {
"$ref": "Tier0,
"description": "Contains the actual Tier-0 object.",
"required": true,
"title": "Tier-0"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Tier-0",
"type": "object"
}
ChildTier0DeploymentMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Tier0DeploymentMap, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTier0DeploymentMap",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTier0DeploymentMap"
},
"properties": {
"Tier0DeploymentMap": {
"$ref": "Tier0DeploymentMap,
"description": "Contains the actual Tier0DeploymentMap object.",
"required": true,
"title": "Tier0DeploymentMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Tier0DeploymentMap",
"type": "object"
}
ChildTier0Interface (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Tier0Interface, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTier0Interface",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTier0Interface"
},
"properties": {
"Tier0Interface": {
"$ref": "Tier0Interface,
"description": "Contains the actual Tier0Interface object.",
"required": true,
"title": "Tier0Interface"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Tier0Interface",
"type": "object"
}
ChildTier0RouteMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Tier0RouteMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTier0RouteMap",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTier0RouteMap"
},
"properties": {
"Tier0RouteMap": {
"$ref": "Tier0RouteMap,
"description": "Contains the actual Tier0RouteMap object",
"required": true,
"title": "Tier0RouteMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Tier0RouteMap",
"type": "object"
}
ChildTier0SecurityFeatures (type)
{
"additionalProperties": false,
"description": "Child wrapper object for T0 Security Feature, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTier0SecurityFeatures",
"module_id": "PolicyGatewaySecurityFeature",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTier0SecurityFeatures"
},
"properties": {
"Tier0SecurityFeatures": {
"$ref": "Tier0SecurityFeatures,
"description": "Contains the actual TO SecurityFeatures object",
"required": true,
"title": "T0 Security configs"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for T0 Security Feature",
"type": "object"
}
ChildTier1 (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Tier-1 , used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTier1",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTier1"
},
"properties": {
"Tier1": {
"$ref": "Tier1,
"description": "Contains the actual Tier-1 object.",
"required": true,
"title": "Tier-1"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Tier-1",
"type": "object"
}
ChildTier1DeploymentMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Tier1DeploymentMap, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTier1DeploymentMap",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTier1DeploymentMap"
},
"properties": {
"Tier1DeploymentMap": {
"$ref": "Tier1DeploymentMap,
"description": "Contains the actual Tier1DeploymentMap object.",
"required": true,
"title": "Tier1DeploymentMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Tier1DeploymentMap",
"type": "object"
}
ChildTier1Interface (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Tier1Interface, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTier1Interface",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTier1Interface"
},
"properties": {
"Tier1Interface": {
"$ref": "Tier1Interface,
"description": "Contains the actual Tier1Interface object.",
"required": true,
"title": "Tier1Interface"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Tier1Interface",
"type": "object"
}
ChildTlsCertificate (type)
{
"additionalProperties": false,
"description": "Child wrapper for TlsCertificate, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTlsCertificate",
"module_id": "PolicyCertificate",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTlsCertificate"
},
"properties": {
"TlsCertificate": {
"$ref": "TlsCertificate,
"description": "Contains the actual TlsCertificate object.",
"required": true,
"title": "TlsCertificate"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for TlsCertificate",
"type": "object"
}
ChildTlsConfigProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Child wrapper object for TlsConfigProfileBindingMap, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTlsConfigProfileBindingMap",
"module_id": "PolicyTlsConfigProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTlsConfigProfileBindingMap"
},
"properties": {
"SessionTimerProfileBindingMap": {
"$ref": "TlsConfigProfileBindingMap,
"description": "Contains the actual TlsConfigProfileBindingMap object",
"required": true,
"title": "TlsConfigProfileBindingMap"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for TlsConfigProfileBindingMap",
"type": "object"
}
ChildTlsCrl (type)
{
"additionalProperties": false,
"description": "Child wrapper for TlsCrl, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTlsCrl",
"module_id": "PolicyCertificate",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTlsCrl"
},
"properties": {
"TlsCrl": {
"$ref": "TlsCrl,
"description": "Contains the actual TlsCrl object.",
"required": true,
"title": "TlsCrl"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for TlsCrl",
"type": "object"
}
ChildTlsPolicy (type)
{
"additionalProperties": false,
"description": "Child wrapper object for TLSPolicy, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTlsPolicy",
"module_id": "PolicyTls",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTlsPolicy"
},
"properties": {
"TlsPolicy": {
"$ref": "TlsPolicy,
"description": "Contains the actual TLSPolicy object",
"required": true,
"title": "TlsPolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for TlsPolicy",
"type": "object"
}
ChildTlsProfile (type)
{
"additionalProperties": false,
"description": "Child wrapper object for TLS Profile, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTlsProfile",
"module_id": "PolicyTlsActionProfile",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTlsProfile"
},
"properties": {
"TlsProfile": {
"$ref": "TlsProfile,
"description": "Contains the actual TLS profile object.",
"required": true,
"title": "TLS Profile"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Child TLS Profile",
"type": "object"
}
ChildTlsRule (type)
{
"additionalProperties": false,
"description": "Child wrapper object for Rule, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTlsRule",
"module_id": "PolicyTls",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTlsRule"
},
"properties": {
"TlsRule": {
"$ref": "TlsRule,
"description": "Contains the actual TLS Rule object",
"required": true,
"title": "TLS Rule"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for Rule",
"type": "object"
}
ChildTlsTrustData (type)
{
"additionalProperties": false,
"description": "Child wrapper for TlsTrustData, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTlsTrustData",
"module_id": "PolicyCertificate",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTlsTrustData"
},
"properties": {
"TlsTrustData": {
"$ref": "TlsTrustData,
"description": "Contains the actual TlsTrustData object.",
"required": true,
"title": "TlsTrustData"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for TlsTrustData",
"type": "object"
}
ChildTraceflowConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper for TraceflowConfig, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildTraceflowConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildTraceflowConfig"
},
"properties": {
"TraceflowConfig": {
"$ref": "TraceflowConfig,
"description": "Contains the actual TraceflowConfig object.",
"required": true,
"title": "TraceflowConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for TraceflowConfig",
"type": "object"
}
ChildTypesRequestParameter (type)
{
"description": "Specified child resource types will be populated in the response body",
"id": "ChildTypesRequestParameter",
"module_id": "Policy",
"properties": {
"base_path": {
"description": "Base path of the resource for which user wants to retrieve the hierarchy. This should be the fully qualified path for the resource. - Sample examples - base_path=/infra/domains/default/groups/Group1 base_path=/infra/domains/default/security-policies/SecurityPolicy1/rules/Rule1",
"required": false,
"title": "Base Path for retrieving hierarchical intent",
"type": "string"
},
"filter": {
"description": "Filter string, can contain multiple or single java regular expressions separated by ';'. By default populates immediate child resources of the resource indicated by the URL. These child resources will be filtered by the type provided in the filter. It is recommended to use type_filter parameter instead of filter parameter. - Sample query string to prevent loading services and deployment zones: filter=Type-^(?!.*?(?:Service|DeploymentZone)).*$ - Sample query string to populate all the Group objects under Infra & Domain: filter=Type-Domain%7CGroup - Sample query string to load every policy object under Infra: filter=Type-.*",
"required": false,
"title": "Filter string as java regex",
"type": "string"
},
"type_filter": {
"description": "Advanced filter string in which user can directly specify the resourceTypes to be filtered. Can be used in conjunction with base_path. - Sample example of type_filter to load all groups - type_filter=Group - Sample example of multiple type_filter - type_filter=Group;SercurityPolicy;RedirectionPolicy - Sample eaxmple to load all groups in default domain using base_path in conjunction with type_filter - base_path=/infra/domains/default&type_filter=Group",
"required": false,
"title": "Filter string to retrieve hierarchy.",
"type": "string"
}
},
"title": "Filter to populate child types of the policyConfigResource",
"type": "object"
}
ChildVMTagReplicationPolicy (type)
{
"additionalProperties": false,
"description": "Child wrapper object for VMTagReplicationPolicy, used in hierarchical API",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildVMTagReplicationPolicy",
"module_id": "VMTagReplicationPolicy",
"polymorphic-type-descriptor": {
"type-identifier": "ChildVMTagReplicationPolicy"
},
"properties": {
"VMTagReplicationPolicy": {
"$ref": "VMTagReplicationPolicy,
"description": "Contains the actual VMTagReplicationPolicy object",
"required": true,
"title": "VMTagReplicationPolicy"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for VMTagReplicationPolicy",
"type": "object"
}
ChildVirtualEndpoint (type)
{
"additionalProperties": false,
"description": "Child wrapper object for VirtualEndpoint used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildVirtualEndpoint",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ChildVirtualEndpoint"
},
"properties": {
"VirtualEndpoint": {
"$ref": "VirtualEndpoint,
"description": "Contains reference to actual VirtualEndpoint.",
"required": true,
"title": "VirtualEndpoint"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for VirtualEndpoint",
"type": "object"
}
ChildVniPoolConfig (type)
{
"additionalProperties": false,
"description": "Child wrapper object for VniPoolConfig, used in hierarchical API.",
"extends": {
"$ref": "ChildPolicyConfigResource
},
"id": "ChildVniPoolConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "ChildVniPoolConfig"
},
"properties": {
"VniPoolConfig": {
"$ref": "VniPoolConfig,
"description": "Contains the actual VniPoolConfig object.",
"required": true,
"title": "VniPoolConfig"
},
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mark_for_override": {
"default": false,
"required": false,
"title": "Indicates whether this object is the overridden intent object Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "If this field is set to true, delete operation is triggered on the intent tree. This resource along with its all children in intent tree will be deleted. This is a cascade delete and should only be used if intent object along with its all children are to be deleted. This does not support deletion of single non-leaf node within the tree and should be used carefully.",
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"request_parameter": {
"$ref": "PolicyRequestParameter,
"required": false,
"title": "Generic type for passing the API request parameters."
},
"resource_type": {
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Wrapper object for VniPoolConfig",
"type": "object"
}
CidrArrayConstraintValue (type)
{
"additionalProperties": false,
"description": "List of CIDR values",
"extends": {
"$ref": "ConstraintValue
},
"id": "CidrArrayConstraintValue",
"module_id": "PolicyConstraints",
"polymorphic-type-descriptor": {
"type-identifier": "CidrArrayConstraintValue"
},
"properties": {
"resource_type": {
"enum": [
"StringArrayConstraintValue",
"CidrArrayConstraintValue",
"IntegerArrayConstraintValue"
],
"required": true,
"type": "string"
},
"values": {
"description": "This array can consist of a single IP address, IP address range or a subnet. Its type can be of either IPv4 or IPv6. Both IPv4 and IPv6 addresses within one expression is not allowed. Supported list of formats are, \"192.168.1.1\", \"192.168.1.1-192.168.1.100\", \"192.168.0.0/24\", \"fe80::250:56ff:fe83:318c\", \"fe80::250:56ff:fe83:3181-fe80::250:56ff:fe83:318c\", \"fe80::250:56ff:fe83:318c/64\".",
"items": {
"$ref": "IPElement
},
"maxItems": 100,
"minItems": 1,
"required": true,
"title": "Array of IP addresses",
"type": "array"
}
},
"title": "Array of CIDR Values to perform operation",
"type": "object"
}
CipherSuite (type)
{
"additionalProperties": false,
"id": "CipherSuite",
"properties": {
"enabled": {
"required": true,
"title": "Enable status for this cipher suite",
"type": "boolean"
},
"name": {
"required": true,
"title": "Name of the TLS cipher suite",
"type": "string"
}
},
"title": "TLS cipher suite",
"type": "object"
}
ClasslessStaticRoute (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "DHCP classless static route option.",
"id": "ClasslessStaticRoute",
"module_id": "Dhcp",
"properties": {
"network": {
"$ref": "IPElement,
"description": "Destination network in CIDR format.",
"required": true,
"title": "Destination in CIDR"
},
"next_hop": {
"$ref": "IPAddress,
"description": "IP address of next hop of the route.",
"required": true,
"title": "Router"
}
},
"title": "DHCP classless static route option",
"type": "object"
}
ClientAuthType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Client authentication could be REQUIRED or IGNORE. REQUIRED means that client is required to present its certificate to the server for authentication. To be accepted, client certificate must be signed by one of the trusted Certificate Authorities (CAs), also referred to as root CAs, whose self signed certificates are specified in the same client SSL profile binding. IGNORE means that client certificate would be ignored.",
"enum": [
"REQUIRED",
"IGNORE"
],
"id": "ClientAuthType",
"module_id": "LoadBalancer",
"title": "client authentication mode",
"type": "string"
}
CloudNativeServiceInstance (type)
{
"additionalProperties": false,
"description": "Stores the information about cloud native service instance.",
"extends": {
"$ref": "DiscoveredResource
},
"id": "CloudNativeServiceInstance",
"module_id": "InventoryCloudObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "Id of service instance fetched from public cloud.",
"readonly": true,
"required": true,
"title": "External id of cloud native service instance in the system.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"service_type": {
"description": "Type of cloud native service.",
"readonly": true,
"required": true,
"title": "Type of cloud native service; possible values are ELB, RDS",
"type": "string"
},
"source": {
"$ref": "ResourceReference,
"description": "Reference of the public cloud gateway that reported the service instance.",
"readonly": true,
"required": true,
"title": "Reference of the public cloud gateway"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
ClusterBackupInfo (type)
{
"additionalProperties": false,
"id": "ClusterBackupInfo",
"module_id": "ClusterRestore",
"properties": {
"ip_address": {
"format": "hostname-or-ip",
"readonly": true,
"required": true,
"title": "IP address or FQDN of the node from which the backup was taken",
"type": "string"
},
"node_id": {
"readonly": true,
"required": true,
"title": "ID of the node from which the backup was taken",
"type": "string"
},
"restore_type": {
"default": [],
"items": {
"enum": [
"REGULAR_RESTORE",
"POLICY_ONLY_RESTORE"
],
"type": "string"
},
"readonly": true,
"required": false,
"title": "Type of restore allowed",
"type": "array",
"uniqueItems": true
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"required": true,
"title": "timestamp of the cluster backup file"
}
},
"title": "Cluster backup details",
"type": "object"
}
ClusterBackupInfoListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ClusterBackupInfoListResult",
"module_id": "ClusterRestore",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ClusterBackupInfo
},
"readonly": true,
"required": true,
"title": "List of timestamps of backed-up cluster files",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ClusterCertificateId (type)
{
"additionalProperties": false,
"id": "ClusterCertificateId",
"properties": {
"certificate_id": {
"required": true,
"title": "Certificate ID",
"type": "string"
}
},
"title": "Cluster Certificate ID",
"type": "object"
}
ClusterConfiguration (type)
{
"additionalProperties": false,
"description": "The configuration of the NSX cluster. The cluster configuration consists of a list of cluster node attributes.",
"id": "ClusterConfiguration",
"module_id": "Cluster",
"properties": {
"cluster_id": {
"readonly": true,
"title": "UUID of the cluster",
"type": "string"
},
"config_version": {
"readonly": true,
"title": "Cluster configuration version",
"type": "integer"
},
"nodes": {
"items": {
"$ref": "ClusterNode
},
"readonly": true,
"title": "Nodes in the cluster configuration",
"type": "array"
}
},
"title": "Cluster configuration",
"type": "object"
}
ClusterMemberDetails (type)
{
"additionalProperties": false,
"description": "Details of the member belonging to a Group",
"id": "ClusterMemberDetails",
"module_id": "PolicyGroupRealization",
"properties": {
"cluster_id": {
"readonly": true,
"required": true,
"title": "The Antrea cluster id of the pod",
"type": "string"
},
"cluster_name": {
"readonly": true,
"required": true,
"title": "The Antrea cluster name of the pod",
"type": "string"
},
"namespaces": {
"items": {
"$ref": "NamespaceMemberDetails
},
"required": true,
"type": "array"
}
},
"title": "Group member details",
"type": "object"
}
ClusterNode (type)
{
"additionalProperties": false,
"description": "This type contains attributes of a cluster node that are relevant to the Cluster Boot Manager.",
"id": "ClusterNode",
"module_id": "Cluster",
"properties": {
"entities": {
"items": {
"$ref": "ClusterNodeEntity
},
"required": true,
"title": "Entities on the node",
"type": "array"
},
"node_uuid": {
"required": true,
"title": "UUID of the node",
"type": "string"
},
"status": {
"default": "REMOVED",
"enum": [
"JOINING",
"JOINED",
"REMOVING",
"REMOVED"
],
"title": "Current clustering status of the node",
"type": "string"
}
},
"title": "Cluster Node Properties",
"type": "object"
}
ClusterNodeEntity (type)
{
"additionalProperties": false,
"description": "NSX Cluster is made up of multiple cluster nodes. Each node can perform multiple functions, commonly referred to as roles. Cluster node entities are processes running in a cluster node that assist in the performance of a role. Cluster Boot Manager is a daemon that securely bootstraps and configures the entities. This type contains attributes of a cluster node entity that are relevant to the Cluster Boot Manager.",
"id": "ClusterNodeEntity",
"module_id": "Cluster",
"properties": {
"certificate": {
"required": true,
"title": "Public certificate of the entity in PEM format",
"type": "string"
},
"entity_type": {
"enum": [
"MANAGER",
"CONTROLLER",
"POLICY",
"HTTPS",
"CLUSTER_BOOT_MANAGER",
"DATASTORE",
"GLOBAL_MANAGER",
"ASYNC_REPLICATOR",
"MONITORING",
"IDPS_REPORTING",
"CORFU_NONCONFIG",
"UPGRADE_COORDINATOR",
"CM-INVENTORY",
"MESSAGING-MANAGER"
],
"required": true,
"title": "Type of the entity",
"type": "string"
},
"entity_uuid": {
"required": true,
"title": "UUID of the entity",
"type": "string"
},
"fqdn": {
"format": "hostname",
"required": false,
"title": "Domain name the entity binds to",
"type": "string"
},
"ip_address": {
"required": false,
"title": "IP address the entity binds to",
"type": "string"
},
"port": {
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Port the entity binds to",
"type": "integer"
},
"subnet_prefix_length": {
"maximum": 32,
"minimum": 0,
"required": false,
"title": "Subnet mask prefix length of the entity binds to",
"type": "integer"
}
},
"title": "Cluster Node Entity Properties",
"type": "object"
}
ClusterNodeRole (type)
{
"description": "Enumerates the roles that can be specified in VM auto-deployment.",
"enum": [
"CONTROLLER",
"MANAGER"
],
"id": "ClusterNodeRole",
"module_id": "ClusterNodeVMDeployment",
"title": "Cluster node role",
"type": "string"
}
ClusterNodeVMDeletionParameters (type)
{
"description": "Parameters for deletion of a cluster node VM.",
"id": "ClusterNodeVMDeletionParameters",
"module_id": "ClusterNodeVMDeployment",
"properties": {
"force_delete": {
"description": "If true, the VM will be undeployed even if it cannot be removed from its cluster.",
"title": "Delete by force",
"type": "boolean"
}
},
"title": "Parameters for DeleteAutoDeployedClusterNodeVM",
"type": "object"
}
ClusterNodeVMDeploymentConfig (type)
{
"description": "Contains info used to configure the VM on deployment",
"id": "ClusterNodeVMDeploymentConfig",
"module_id": "ClusterNodeVMDeployment",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "placement_type"
},
"properties": {
"placement_type": {
"description": "Specifies the config for the platform through which to deploy the VM",
"enum": [
"VsphereClusterNodeVMDeploymentConfig"
],
"required": true,
"title": "Type of deployment",
"type": "string"
}
},
"title": "Configuration for deploying cluster node VM",
"type": "object"
}
ClusterNodeVMDeploymentRequest (type)
{
"additionalProperties": false,
"description": "Contains the deployment information for a cluster node VM soon to be deployed or already deployed by the Manager",
"id": "ClusterNodeVMDeploymentRequest",
"module_id": "ClusterNodeVMDeployment",
"properties": {
"deployment_config": {
"$ref": "ClusterNodeVMDeploymentConfig,
"description": "Info needed to configure a cluster node VM at deployment for a specific platform. May require different parameters depending on the method used to deploy the VM.",
"required": true,
"title": "Deployment config for cluster node VM"
},
"form_factor": {
"$ref": "ClusterNodeVMFormFactor,
"default": "MEDIUM",
"description": "Specifies the desired \"size\" of the VM",
"required": false,
"title": "Form factor for cluster node VMs"
},
"roles": {
"description": "List of cluster node role (or roles) which the VM should take on. They specify what type (or types) of cluster node which the new VM should act as. Currently both CONTROLLER and MANAGER must be provided, since this permutation is the only one supported now.",
"items": {
"$ref": "ClusterNodeRole
},
"required": true,
"title": "Cluster node roles of the VM",
"type": "array"
},
"user_settings": {
"$ref": "NodeUserSettings,
"description": "Username and password settings for the cluster node VM. Passwords must be at least 12 characters in length and contain at least one lowercase, one uppercase, one numerical, and one special character. Note: These settings will be honored only during VM deployment. Post-deployment, CLI must be used for changing the user settings and changes to these parameters will not have any effect.",
"required": true,
"sensitive": true,
"title": "User settings for the VM"
},
"vm_id": {
"description": "ID of the VM maintained internally and used to recognize it. Note: This is automatically generated and cannot be modified.",
"readonly": true,
"required": false,
"title": "ID of VM used to recognize it",
"type": "string"
}
},
"title": "Info for an auto-deployment request",
"type": "object"
}
ClusterNodeVMDeploymentRequestList (type)
{
"additionalProperties": false,
"description": "List of ClusterNodeVMDeploymentRequests",
"extends": {
"$ref": "ListResult
},
"id": "ClusterNodeVMDeploymentRequestList",
"module_id": "ClusterNodeVMDeployment",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Array of existing ClusterNodeVMDeploymentRequests",
"items": {
"$ref": "ClusterNodeVMDeploymentRequest
},
"required": true,
"title": "Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "ClusterNodeVMDeploymentRequest list",
"type": "object"
}
ClusterNodeVMDeploymentStatusReport (type)
{
"description": "Contains up-to-date information relating to an auto-deployed VM, including its status and (potentially) an error message.",
"id": "ClusterNodeVMDeploymentStatusReport",
"module_id": "ClusterNodeVMDeployment",
"properties": {
"deployment_progress_state": {
"$ref": "VMDeploymentProgressState,
"description": "Detailed progress state of node VM deployment realization",
"readonly": true,
"required": false,
"title": "Deployment progress state of node VM"
},
"failure_code": {
"description": "In case of auto-deployment-related failure, the code for the error will be stored here.",
"required": false,
"title": "Error code for failure",
"type": "integer"
},
"failure_message": {
"description": "In case of auto-deployment-related failure, an error message will be stored here.",
"required": false,
"title": "Error message for failure",
"type": "string"
},
"status": {
"description": "Status of the addition or deletion of an auto-deployed cluster node VM.",
"enum": [
"UNKNOWN_STATE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"WAITING_TO_REGISTER_VM",
"VM_REGISTRATION_FAILED",
"VM_WAITING_TO_CLUSTER",
"VM_WAITING_TO_COME_ONLINE",
"VM_ONLINE_FAILED",
"VM_CLUSTERING_IN_PROGRESS",
"VM_CLUSTERING_FAILED",
"VM_CLUSTERING_SUCCESSFUL",
"WAITING_TO_UNDEPLOY_VM",
"VM_DECLUSTER_IN_PROGRESS",
"VM_DECLUSTER_FAILED",
"VM_DECLUSTER_SUCCESSFUL",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL"
],
"required": true,
"title": "Auto-deployed VM's deployment status",
"type": "string"
}
},
"title": "Report of a VM's deployment status",
"type": "object"
}
ClusterNodeVMFormFactor (type)
{
"description": "Specifies the desired \"size\" of the VM. Affects number of virtual CPUs and/or memory size given to the new cluster node VM.",
"enum": [
"SMALL",
"MEDIUM",
"LARGE"
],
"id": "ClusterNodeVMFormFactor",
"module_id": "ClusterNodeVMDeployment",
"title": "Supported VM form factor for cluster nodes",
"type": "string"
}
ClusterRestoreStatus (type)
{
"id": "ClusterRestoreStatus",
"module_id": "ClusterRestore",
"properties": {
"backup_timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"required": false,
"title": "Timestamp when backup was initiated in epoch millisecond"
},
"endpoints": {
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"required": true,
"title": "The list of allowed endpoints, based on the current state of\nthe restore process\n",
"type": "array"
},
"id": {
"readonly": true,
"required": false,
"title": "Unique id for backup request",
"type": "string"
},
"instructions": {
"items": {
"$ref": "InstructionInfo
},
"readonly": true,
"required": false,
"title": "Instructions for users to reconcile Restore operations",
"type": "array"
},
"not_allowed_actions": {
"default": [],
"items": {
"enum": [
"VC_UPDATES"
],
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of actions that are not allowed",
"type": "array",
"uniqueItems": true
},
"restore_end_time": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"required": false,
"title": "Timestamp when restore was completed in epoch millisecond"
},
"restore_start_time": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"required": false,
"title": "Timestamp when restore was started in epoch millisecond"
},
"status": {
"$ref": "GlobalRestoreStatus
},
"step": {
"$ref": "RestoreStep
},
"total_steps": {
"readonly": true,
"required": false,
"title": "Total number of steps in the entire restore process",
"type": "integer"
}
},
"title": "Cluster restore status",
"type": "object"
}
ClusterRestoreStatusRequestParameters (type)
{
"id": "ClusterRestoreStatusRequestParameters",
"properties": {
"restore_component": {
"default": "LOCAL_MANAGER",
"enum": [
"LOCAL_MANAGER",
"GLOBAL_MANAGER"
],
"readonly": true,
"required": false,
"type": "string"
}
},
"type": "object"
}
ClusterVirtualIpProperties (type)
{
"additionalProperties": false,
"id": "ClusterVirtualIpProperties",
"properties": {
"ip_address": {
"required": true,
"title": "Virtual IP address, 0.0.0.0 if not configured",
"type": "string"
}
},
"title": "Cluster virtual IP properties",
"type": "object"
}
ClusteringConfig (type)
{
"description": "Configuration for automatically joining a cluster node to the cluster after it is deployed. ClusteringConfig is required if any of the deployment nodes has CONTROLLER role.",
"id": "ClusteringConfig",
"module_id": "ClusterNodeVMDeployment",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "clustering_type"
},
"properties": {
"clustering_type": {
"description": "Specifies the type of clustering config to be used.",
"enum": [
"ControlClusteringConfig"
],
"required": true,
"title": "Type for the clustering config",
"type": "string"
}
},
"title": "Configuration for VM's clustering",
"type": "object"
}
ColumnItem (type)
{
"additionalProperties": false,
"description": "Represents a column of the Grid",
"id": "ColumnItem",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"column_identifier": {
"description": "Identifies the column and used for fetching content upon an user click or drilldown. If column identifier is not provided, the column's data will not participate in searches and drilldowns.",
"title": "Identifier for this column",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"field": {
"description": "Field from which values of the column will be derived.",
"maxLength": 1024,
"required": true,
"title": "Column Field",
"type": "string"
},
"hidden": {
"default": false,
"description": "If set to true, hides the column",
"title": "Hide the column",
"type": "boolean"
},
"label": {
"$ref": "Label,
"description": "Label of the column.",
"readonly": false,
"required": true,
"title": "Column Label"
},
"navigation": {
"description": "Hyperlink of the specified UI page that provides details. If drilldown_id is provided, then navigation cannot be used.",
"maxLength": 1024,
"title": "Navigation to a specified UI page",
"type": "string"
},
"render_configuration": {
"description": "Render configuration to be applied, if any.",
"items": {
"$ref": "RenderConfiguration
},
"title": "Render Configuration",
"type": "array"
},
"sort_ascending": {
"default": true,
"description": "If true, the value of the column are sorted in ascending order. Otherwise, in descending order.",
"title": "Represents order of sorting the values",
"type": "boolean"
},
"sort_key": {
"description": "Sorting on column is based on the sort_key. sort_key represents the field in the output data on which sort is requested.",
"maxLength": 255,
"title": "Key for sorting on this column",
"type": "string"
},
"tooltip": {
"description": "Multi-line text to be shown on tooltip while hovering over a cell in the grid.",
"items": {
"$ref": "Tooltip
},
"title": "Multi-line tooltip",
"type": "array"
},
"type": {
"default": "String",
"description": "Data type of the field.",
"enum": [
"String",
"Number",
"Date"
],
"maxLength": 255,
"required": true,
"title": "Field data type",
"type": "string"
}
},
"title": "Grid Column",
"type": "object"
}
CommunicationEntry (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "A communication entry indicates the action to be performed for various types of traffic flowing between workload groups. This type is deprecated. Use the type Rule instead.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "CommunicationEntry",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"description": "The action to be applied to all the services.",
"enum": [
"ALLOW",
"DROP",
"REJECT"
],
"required": false,
"title": "Action",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destination_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains.In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Destination group paths",
"type": "array"
},
"direction": {
"default": "IN_OUT",
"description": "Define direction of traffic.",
"enum": [
"IN",
"OUT",
"IN_OUT"
],
"required": false,
"title": "Direction",
"type": "string"
},
"disabled": {
"default": false,
"description": "Flag to disable the rule. Default is enabled.",
"readonly": false,
"required": false,
"title": "Flag to disable the rule",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"logged": {
"default": false,
"description": "Flag to enable packet logging. Default is disabled.",
"readonly": false,
"required": false,
"title": "Enable logging flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"notes": {
"description": "Text for additional notes on changes.",
"required": false,
"title": "Text for additional notes on changes",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"scope": {
"description": "The list of policy paths where the communication entry is applied Edge/LR/T0/T1/LRP/CGW/MGW/etc. Note that a given rule can be applied on multiple LRs/LRPs.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array"
},
"sequence_number": {
"description": "This field is used to resolve conflicts between multiple CommunicationEntries under CommunicationMap for a Domain If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple communication entries with the same sequence number then their order is not deterministic. If a specific order of communication entry is desired, then one has to specify unique sequence numbers or use the POST request on the communication entry entity with a query parameter action=revise to let the framework assign a sequence number",
"required": false,
"title": "Sequence number of the this CommunicationEntry",
"type": "int"
},
"services": {
"description": "In order to specify all services, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the services array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Names of services",
"type": "array"
},
"source_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Source group paths",
"type": "array"
},
"tag": {
"description": "User level field which will be printed in CLI and packet logs.",
"maxLength": 32,
"required": false,
"title": "Tag applied on the communication entry",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "A communication entry specifies the security policy between the workload groups",
"type": "object"
}
CommunicationMap (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Ordered list of CommunicationEntries. This object is created by default along with the Domain. This type is deprecated. Use the type SecurityPolicy instead.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "CommunicationMap",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"category": {
"description": "- Distributed Firewall - Policy framework for Distributed Firewall provides four pre-defined categories for classifying a communication map. They are \"Emergency\", \"Infrastructure\", \"Environment\" and \"Application\". Amongst the layer 3 communication maps,there is a pre-determined order in which the policy framework manages the priority of these communication maps. Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a communication map into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four layer 3 categories.",
"required": false,
"title": "A way to classify a communication map, if needed.",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"communication_entries": {
"items": {
"$ref": "CommunicationEntry
},
"required": false,
"title": "CommunicationEntries that are a part of this CommunicationMap",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"precedence": {
"description": "This field is used to resolve conflicts between communication maps across domains. In order to change the precedence of a communication map one can fire a POST request on the communication map entity with a query parameter action=revise The precedence field will reflect the value of the computed precedence upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several communication maps, the only way to set the precedence is to explicitly specify the precedence number for each communication map. If no precedence is specified in the payload, a value of 0 is assigned by default. If there are multiple communication maps with the same precedence then their order is not deterministic. If a specific order of communication map is desired, then one has to specify a unique precedence or use the POST request on the communication map entity with a query parameter action=revise to let the framework assign a precedence",
"title": "Precedence to resolve conflicts across Domains",
"type": "int"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Contains ordered list of CommunicationEntries",
"type": "object"
}
CommunityList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "CommunityList",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"communities": {
"description": "List of BGP community entries. Both standard and large communities are supported. Standard community format: aa:nn where aa and nn must be within the range [1 - 65536]. Large BGP Community format: aa:bb:nn where aa (Global Administrator), bb (Local Data Part 1) and nn (Local Data Part 2) must be within the range [1 - 4294967295]. In additon to numbered communites (e.g. 3356:2040), predefined communities (NO_EXPORT, NO_ADVERTISE, NO_EXPORT_SUBCONFED) are supported.",
"items": {
"type": "string"
},
"minItems": 1,
"required": true,
"title": "List of BGP community entries",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Community list for BGP routing configuration",
"type": "object"
}
CommunityListListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "CommunityListListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "CommunityList
},
"required": true,
"title": "CommunityList results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of CommunityLists",
"type": "object"
}
CommunityMatchCriteria (type)
{
"additionalProperties": false,
"id": "CommunityMatchCriteria",
"module_id": "PolicyConnectivity",
"properties": {
"criteria": {
"description": "Match criteria specified as a community list path or a regular expression.",
"required": true,
"title": "Match criteria based on community list path or a regular expression",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier0RouteMap"
],
"relationshipType": "ROUTEMAP_COMMUNITY_LIST_RELATIONSHIP",
"rightType": [
"CommunityList"
]
}
]
},
"match_operator": {
"description": "Match operator for community list entries. Not valid when a regular expression is specified for criteria.",
"enum": [
"MATCH_ANY",
"MATCH_ALL",
"MATCH_EXACT",
"MATCH_COMMUNITY_REGEX",
"MATCH_LARGE_COMMUNITY_REGEX"
],
"required": false,
"title": "Match operator for community list entries",
"type": "string"
}
},
"title": "Match criteria based on a community list",
"type": "object"
}
CompatibilityCheckResult (type)
{
"additionalProperties": false,
"description": "Result of prechecks run for onboarding standby Global Manager or remote site. The checks include NSX version compatibility with active Global Manager, Round Trip Time (RTT), etc. Note that some of checks like RTT are soft limits.",
"id": "CompatibilityCheckResult",
"module_id": "PolicySiteGM",
"properties": {
"local_nsx_version": {
"description": "Local Site NSX version where active Global Mananger is running.",
"readonly": true,
"title": "Local Site NSX version where active Global Mananger is running",
"type": "string"
},
"nsx_version": {
"description": "Remote Site NSX version.",
"readonly": true,
"title": "Remote Site NSX version",
"type": "string"
},
"rtt": {
"description": "Round trip time to the remote Site or Global Manager from active Global Manager.",
"readonly": true,
"title": "Round trip time to the remote Site or Global Manager from active\nGlobal Manager\n",
"type": "integer"
},
"rtt_exceeded": {
"description": "Flag to indicate if RTT to remote Site exceeds the recommended limit.",
"readonly": true,
"title": "Flag to indicate if RTT to remote Site exceeds the recommended limit",
"type": "boolean"
},
"version_compatible": {
"description": "Flag to indicate if remote Site NSX version is compatible with active Global Manager.",
"readonly": true,
"title": "Flag to indicate if remote Site NSX version is compatible",
"type": "boolean"
}
},
"title": "Precheck result for onboaring standby Global Manager or remote Site to\nfederation\n",
"type": "object"
}
CompatibilityDetail (type)
{
"description": "Feature compatibility status details indicating specific site configuration incompatibility with global manager configuration.",
"id": "CompatibilityDetail",
"module_id": "GmConfigOnboarding",
"properties": {
"attributes": {
"items": {
"$ref": "OnboardingAttribute
},
"maxItems": 20,
"readonly": true,
"required": false,
"title": "Additional Attributes",
"type": "array"
},
"status_code": {
"description": "Unique integer number indicating configuration incompatibility.",
"readonly": true,
"required": true,
"title": "Status Code",
"type": "integer"
},
"status_message": {
"description": "A brief explaination of status code.",
"readonly": true,
"required": false,
"title": "Status Message",
"type": "string"
}
},
"title": "Feature Compatibility Details",
"type": "object"
}
ComponentTargetVersion (type)
{
"id": "ComponentTargetVersion",
"module_id": "Upgrade",
"properties": {
"component_type": {
"readonly": true,
"required": true,
"type": "string"
},
"target_version": {
"readonly": true,
"required": true,
"type": "string"
}
},
"type": "object"
}
ComponentTypeListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "ComponentTypeListRequestParameters",
"module_id": "Upgrade",
"properties": {
"component_type": {
"readonly": false,
"required": false,
"title": "Component type on which the action is performed or on which the results are filtered",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ComponentUpgradeChecksInfo (type)
{
"additionalProperties": false,
"description": "Meta-data of pre/post-upgrade checks for a component",
"id": "ComponentUpgradeChecksInfo",
"module_id": "Upgrade",
"properties": {
"component_type": {
"description": "Component type of the pre/post-upgrade checks",
"readonly": false,
"required": true,
"title": "Component type",
"type": "string"
},
"post_upgrade_checks_info": {
"items": {
"$ref": "UpgradeCheckInfo
},
"required": false,
"title": "Collection of post-upgrade checks",
"type": "array"
},
"pre_upgrade_checks_info": {
"items": {
"$ref": "UpgradeCheckInfo
},
"required": false,
"title": "Collection of pre-upgrade checks",
"type": "array"
}
},
"title": "Meta-data of pre/post-upgrade checks for a component",
"type": "object"
}
ComponentUpgradeChecksInfoListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ComponentUpgradeChecksInfoListResult",
"module_id": "Upgrade",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ComponentUpgradeChecksInfo
},
"required": true,
"title": "Collection of info of pre/post-upgrade checks for components",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ComponentUpgradeStatus (type)
{
"additionalProperties": false,
"id": "ComponentUpgradeStatus",
"module_id": "Upgrade",
"properties": {
"can_rollback": {
"description": "This field indicates whether we can perform upgrade rollback.",
"readonly": true,
"required": false,
"title": "Can perform rollback",
"type": "boolean"
},
"can_skip": {
"readonly": true,
"required": false,
"title": "Can the upgrade of the remaining units in this component be skipped",
"type": "boolean"
},
"component_type": {
"readonly": true,
"required": false,
"title": "Component type for the upgrade status",
"type": "string"
},
"current_version_node_summary": {
"$ref": "NodeSummaryList,
"readonly": true,
"required": false,
"title": "Mapping of current versions of nodes and counts of nodes at the respective versions."
},
"details": {
"readonly": true,
"required": false,
"title": "Details about the upgrade status",
"type": "string"
},
"node_count_at_target_version": {
"description": "Number of nodes of the type and at the component version",
"readonly": true,
"required": false,
"title": "Count of nodes at target component version",
"type": "int"
},
"percent_complete": {
"readonly": true,
"required": true,
"title": "Indicator of upgrade progress in percentage",
"type": "number"
},
"pre_upgrade_status": {
"$ref": "UpgradeChecksExecutionStatus,
"readonly": true,
"required": false,
"title": "Pre-upgrade status of the component-type"
},
"status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSING",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Upgrade status of component",
"type": "string"
},
"target_component_version": {
"readonly": true,
"required": false,
"title": "Target component version",
"type": "string"
}
},
"type": "object"
}
ComputeClusterIdfwConfiguration (type)
{
"additionalProperties": false,
"description": "Idfw configuration for enable/disable idfw on cluster level.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ComputeClusterIdfwConfiguration",
"module_id": "PolicyFirewallConfiguration",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"cluster_idfw_enabled": {
"description": "If set to true, idfw is enabled for this cluster",
"readonly": false,
"required": true,
"title": "Idfw enabled flag",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"member": {
"$ref": "PolicyResourceReference,
"description": "Contains actual policy resource reference object",
"required": true,
"title": "PolicyResourceReference"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Compute cluster idfw configuration",
"type": "object"
}
ComputeCollection (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DiscoveredResource
},
"id": "ComputeCollection",
"module_id": "InventoryCmObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cm_local_id": {
"readonly": true,
"required": true,
"title": "Local Id of the compute collection in the Compute Manager",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"readonly": true,
"required": true,
"title": "External ID of the ComputeCollection in the source Compute manager,\ne.g. mo-ref in VC\n",
"type": "string"
},
"origin_id": {
"readonly": true,
"required": true,
"title": "Id of the compute manager from where this Compute Collection was discovered",
"type": "string"
},
"origin_properties": {
"items": {
"$ref": "KeyValuePair
},
"readonly": true,
"required": false,
"title": "Key-Value map of additional specific properties of\ncompute collection in the Compute Manager\n",
"type": "array"
},
"origin_type": {
"readonly": true,
"required": true,
"title": "ComputeCollection type like VC_Cluster. Here the Compute Manager\ntype prefix would help in differentiating similar named Compute\nCollection types from different Compute Managers\n",
"type": "string"
},
"owner_id": {
"readonly": true,
"required": false,
"title": "Id of the owner of compute collection in the Compute Manager",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
Condition (type)
{
"additionalProperties": false,
"description": "Represents the leaf level condition. Evaluation of the condition expression will be case insensitive.",
"extends": {
"$ref": "Expression
},
"id": "Condition",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "Condition"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"key": {
"enum": [
"Tag",
"Name",
"OSName",
"ComputerName",
"NodeType",
"GroupType"
],
"required": true,
"title": "Key",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"member_type": {
"enum": [
"IPSet",
"VirtualMachine",
"LogicalPort",
"LogicalSwitch",
"Segment",
"SegmentPort",
"Pod",
"Service",
"Namespace",
"TransportNode",
"Group",
"DVPG",
"DVPort"
],
"required": true,
"title": "Group member type",
"type": "string"
},
"operator": {
"description": "Operator is made non-mandatory to support Segment and SegmentPort tag based expression. To evaluate expression for other types, operator value should be provided.",
"enum": [
"EQUALS",
"CONTAINS",
"STARTSWITH",
"ENDSWITH",
"NOTEQUALS",
"NOTIN"
],
"required": false,
"title": "operator",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"enum": [
"Condition",
"ConjunctionOperator",
"NestedExpression",
"IPAddressExpression",
"MACAddressExpression",
"ExternalIDExpression",
"PathExpression",
"IdentityGroupExpression"
],
"required": true,
"type": "string"
},
"scope_operator": {
"description": "Default operator when not specified explicitly would be considered as EQUALS. If value for Condition is empty, then condition will not be evaluated. For example, Condition with key as Tag and value as \"|tag\" would be evaluated for tag value not for empty scope value.",
"enum": [
"EQUALS",
"NOTEQUALS"
],
"required": false,
"title": "operator",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"value": {
"minLength": 1,
"required": true,
"title": "Value",
"type": "string"
}
},
"title": "Represents the leaf level condition",
"type": "object"
}
ConditionalValueConstraintExpression (type)
{
"additionalProperties": false,
"description": "Represents the leaf level expression to restrict the target attribute value based on the set of existing values. Generally, used in combination with RelatedAttributeConditionalExpression to constraint the values related to another attribute on the same resource. This object is always used in conjunction with some exression. Example - { \"condition\" : { \"operator\":\"INCLUDES\", \"rhs_value\": [\"/infra/domains/mgw/groups/VCENTER\", \"/infra/domains/mgw/groups/SRM\", \"/infra/domains/mgw/groups/NSX\"], \"value_constraint\": { \"resource_type\": \"ValueConstraintExpression\", \"operator\":\"EXCLUDES\", \"values\":[\"/infra/domains/mgw/groups/VCENTER\", \"/infra/domains/mgw/groups/SRM\", \"/infra/domains/mgw/groups/NSX\"] } }",
"id": "ConditionalValueConstraintExpression",
"module_id": "PolicyConstraints",
"properties": {
"operator": {
"enum": [
"INCLUDES",
"EXCLUDES",
"EQUALS"
],
"required": true,
"title": "Set operation to constraint values.",
"type": "string"
},
"rhs_value": {
"description": "List of values.",
"items": {
"type": "string"
},
"required": false,
"title": "Array of values to perform operation.",
"type": "array"
},
"rhs_value_with_type": {
"$ref": "ConstraintValue,
"description": "List of values.",
"required": false,
"title": "Array of values to perform operation."
},
"value_constraint": {
"$ref": "ValueConstraintExpression,
"description": "Values to apply the conditional constraint on target.",
"required": true,
"title": "Value Constraint"
}
},
"title": "Represents the leaf level conditional value constraint.",
"type": "object"
}
ConfigOnboardingConflictRequest (type)
{
"additionalProperties": false,
"description": "Config onboarding request to verify conflicts in onboarding configuration on global manager for a site.",
"id": "ConfigOnboardingConflictRequest",
"module_id": "GmConfigOnboarding",
"properties": {
"prefix": {
"description": "User provided prefix string to resolve conflicting site entities.",
"readonly": true,
"required": false,
"title": "Prefix string",
"type": "string"
},
"site_id": {
"description": "Site Id.",
"readonly": true,
"required": false,
"title": "Site Id",
"type": "string"
},
"suffix": {
"description": "User provided suffix string to resolve conflicting site entities.",
"title": "Suffix string",
"type": "string"
}
},
"title": "Config onboarding conflict Request",
"type": "object"
}
ConfigOnboardingConflictStatus (type)
{
"additionalProperties": false,
"description": "Represents config onboarding conflict status on Global Manager.",
"id": "ConfigOnboardingConflictStatus",
"module_id": "GmConfigOnboarding",
"properties": {
"details": {
"$ref": "OnboardingFeatureInfo,
"readonly": true,
"required": false
},
"gm_details": {
"$ref": "GmConfigOnboardingConflictEntityInfo,
"readonly": true,
"required": false
},
"site_id": {
"description": "Site identifier of the site being onboarded.",
"readonly": true,
"required": true,
"title": "Site Id",
"type": "string"
},
"status": {
"$ref": "OnboardingConflictStatus,
"readonly": true,
"required": true
}
},
"title": "Config onboarding conflict status",
"type": "object"
}
ConfigOnboardingError (type)
{
"description": "Represents error details in case of system fail to onboard site configuration on global manager.",
"id": "ConfigOnboardingError",
"module_id": "GmConfigOnboarding",
"properties": {
"error_code": {
"description": "Error code for errors found during onboarding process.",
"readonly": true,
"required": false,
"title": "Error Code",
"type": "integer"
},
"error_message": {
"description": "Failure reason during onboarding process.",
"readonly": true,
"required": false,
"title": "Error message",
"type": "string"
}
},
"title": "Config Onboarding Error",
"type": "object"
}
ConfigOnboardingInProgressStatus (type)
{
"description": "Represents config onboarding status including processing phase compared to of total number of phases to complete config onboarding.",
"id": "ConfigOnboardingInProgressStatus",
"module_id": "GmConfigOnboarding",
"properties": {
"current_step": {
"description": "Represent intermidiate phase when onboarding or rollback is in-progress on global manager.",
"readonly": true,
"required": false,
"title": "Current Onboarding Step",
"type": "integer"
},
"feature": {
"$ref": "OnboardingFeatureInfo,
"readonly": true,
"required": false
},
"stage": {
"$ref": "OnboardingStage,
"readonly": true,
"required": false
},
"total_steps": {
"description": "Total number of phases involved in onboarding workflow.",
"readonly": true,
"required": false,
"title": "Total number of Onboarding Steps",
"type": "integer"
}
},
"title": "Config Onboarding in-progress status",
"type": "object"
}
ConfigOnboardingRequest (type)
{
"additionalProperties": false,
"description": "Config onboarding request to initiate onboarding workflow on global manager for a site.",
"id": "ConfigOnboardingRequest",
"module_id": "GmConfigOnboarding",
"properties": {
"prefix": {
"description": "User provided prefix string to resolve conflicting site entities.",
"readonly": true,
"required": false,
"title": "Prefix string",
"type": "string"
},
"site_backup_reference": {
"description": "Site backup image details to hint user to restore site before starting onboarding process.",
"readonly": true,
"required": true,
"title": "Site Backup Reference",
"type": "string"
},
"site_id": {
"description": "Site Id.",
"readonly": true,
"required": false,
"title": "Site Id",
"type": "string"
},
"suffix": {
"description": "User provided suffix string to resolve conflicting site entities.",
"title": "Suffix string",
"type": "string"
}
},
"title": "Config onboarding Request",
"type": "object"
}
ConfigOnboardingStatus (type)
{
"additionalProperties": false,
"description": "Represents config onboarding status on Global Manager.",
"id": "ConfigOnboardingStatus",
"module_id": "GmConfigOnboarding",
"properties": {
"details": {
"$ref": "ConfigOnboardingStatusDetails,
"readonly": true,
"required": false
},
"site_id": {
"description": "Site identifier of the site being onboarded.",
"readonly": true,
"required": true,
"title": "Site Id",
"type": "string"
},
"status": {
"$ref": "OnboardingStatus,
"readonly": true,
"required": true
},
"supported_features": {
"description": "List of supported features on global manager.",
"items": {
"$ref": "OnboardingFeatureInfo
},
"readonly": true,
"required": false,
"title": "List of supported features",
"type": "array"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Onboarding status as of current timestamp.",
"readonly": false,
"required": true,
"title": "Status Timestamp"
},
"unsupported_features": {
"description": "List of unsupported features on global manager.",
"items": {
"$ref": "OnboardingFeatureInfo
},
"readonly": true,
"required": false,
"title": "List of unsupported features",
"type": "array"
}
},
"title": "Config on-boarding status",
"type": "object"
}
ConfigOnboardingStatusDetails (type)
{
"description": "Represents config on-boarding progress phase details per feature information with progress metric like completed entity count against total number of entities.",
"id": "ConfigOnboardingStatusDetails",
"module_id": "GmConfigOnboarding",
"properties": {
"error_messages": {
"items": {
"$ref": "ConfigOnboardingError
},
"readonly": true,
"required": false,
"type": "array"
},
"import_progress": {
"$ref": "ConfigOnboardingInProgressStatus,
"readonly": true,
"required": false
},
"revert_progress": {
"$ref": "ConfigOnboardingInProgressStatus,
"readonly": true,
"required": false
},
"site_backup_reference": {
"description": "Site backup image details to hint user to restore site before starting onboarding process.",
"readonly": true,
"required": false,
"title": "Site Backup Reference",
"type": "string"
}
},
"title": "Config on-boarding status details",
"type": "object"
}
ConfigState (type)
{
"additionalProperties": false,
"description": "Configuration State.",
"enum": [
"SUCCESS",
"IN_PROGRESS",
"ERROR",
"UNKNOWN",
"UNINITIALIZED"
],
"id": "ConfigState",
"module_id": "PolicyRealizedState",
"title": "Config State",
"type": "string"
}
ConfigurationState (type)
{
"id": "ConfigurationState",
"module_id": "Common",
"properties": {
"details": {
"items": {
"$ref": "ConfigurationStateElement
},
"readonly": true,
"required": false,
"title": "Array of configuration state of various sub systems",
"type": "array"
},
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"state": {
"description": "Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. \"in_sync\" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to \"success\". Please note, failed state is deprecated.",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error",
"in_sync",
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"EDGE_CONFIG_ERROR",
"VM_DEPLOYMENT_RESTARTED",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"TRANSPORT_NODE_READY",
"VM_NETWORK_EDIT_PENDING",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"REGISTRATION_TIMEDOUT",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"VM_RESOURCE_RESERVATION_FAILED",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"DELETE_IN_PROGRESS"
],
"readonly": true,
"required": true,
"title": "Overall state of desired configuration",
"type": "string"
}
},
"title": "Describes status of configuration of an entity",
"type": "object"
}
ConfigurationStateElement (type)
{
"id": "ConfigurationStateElement",
"module_id": "Common",
"properties": {
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"state": {
"enum": [
"in_progress",
"success",
"failed",
"partial_success",
"in_sync",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_FAILED",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_FAILED",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"EDGE_CONFIG_ERROR",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_NETWORK_EDIT_PENDING",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"NOT_AVAILABLE",
"REGISTRATION_TIMEDOUT",
"pending",
"orphaned",
"unknown",
"error"
],
"readonly": true,
"required": true,
"title": "State of configuration on this sub system",
"type": "string"
},
"sub_system_address": {
"readonly": true,
"required": false,
"title": "URI of backing resource on sub system",
"type": "string"
},
"sub_system_id": {
"readonly": true,
"required": false,
"title": "Identifier of backing resource on sub system",
"type": "string"
},
"sub_system_name": {
"readonly": true,
"required": false,
"title": "Name of backing resource on sub system",
"type": "string"
},
"sub_system_type": {
"readonly": true,
"required": false,
"title": "Type of backing resource on sub system",
"type": "string"
}
},
"title": "Describes status of configuration of an entity",
"type": "object"
}
ConflictingEntityListResponse (type)
{
"additionalProperties": false,
"id": "ConflictingEntityListResponse",
"module_id": "GmConfigOnboarding",
"properties": {
"example": {
"$ref": "OnboardingFeatureInfo,
"description": "Conflict example",
"readonly": true,
"required": false,
"title": "Conflict example"
},
"feature_compability_data": {
"items": {
"$ref": "FeatureCompatibilityInfo
},
"maxItems": 100,
"readonly": true,
"required": false,
"type": "array"
},
"feature_descendants": {
"items": {
"$ref": "FeatureConflictInfo
},
"readonly": true,
"required": false,
"type": "array"
},
"feature_summary": {
"$ref": "FeatureSummary,
"readonly": true,
"required": false
},
"infra_descendants": {
"items": {
"$ref": "FeatureConflictInfo
},
"readonly": true,
"required": false,
"type": "array"
}
},
"title": "List of Features with conflict information",
"type": "object"
}
ConjunctionOperator (type)
{
"additionalProperties": false,
"description": "Represents the operators AND or OR.",
"extends": {
"$ref": "Expression
},
"id": "ConjunctionOperator",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ConjunctionOperator"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"conjunction_operator": {
"enum": [
"OR",
"AND"
],
"required": true,
"title": "Conjunction Operator Node",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"enum": [
"Condition",
"ConjunctionOperator",
"NestedExpression",
"IPAddressExpression",
"MACAddressExpression",
"ExternalIDExpression",
"PathExpression",
"IdentityGroupExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Represents the operators AND or OR",
"type": "object"
}
ConnectivityAdvancedConfig (type)
{
"additionalProperties": false,
"id": "ConnectivityAdvancedConfig",
"module_id": "PolicyConnectivity",
"properties": {
"connectivity": {
"default": "ON",
"description": "Connectivity configuration to manually connect (ON) or disconnect (OFF) Tier-0/Tier1 segment from corresponding gateway. This property does not apply to VLAN backed segments. VLAN backed segments with connectivity OFF does not affect its layer-2 connectivity.",
"enum": [
"ON",
"OFF"
],
"required": false,
"title": "Connectivity configuration",
"type": "string"
}
},
"title": "Advanced configuration for Policy connectivity",
"type": "object"
}
ConsolidatedAPIListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "ConsolidatedAPIListRequestParameters",
"module_id": "GroupingObjectsProviders",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"ip_filter": {
"$ref": "IPElement,
"description": "This filter can be used to verify an ip membership in the effective results",
"required": false,
"title": "An IPAddress or subnet for filtering the results."
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"site_id": {
"required": false,
"title": "UUID of the site from which the effective IP addresses are to be fetched\n",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Consolidated effective IP addresses API list request parameters",
"type": "object"
}
ConsolidatedEffectiveIPAddressMemberListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ConsolidatedEffectiveIPAddressMemberListResult",
"module_id": "GroupingObjectsProviders",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "EffectiveIPInfo
},
"required": true,
"title": "Paged Collection of site wise consolidated effective ip addresses for the given NSGroup",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ConsolidatedEffectiveIPListRequestParameters (type)
{
"additionalProperties": false,
"description": "List request params for the pass through type api that get data from the Enforcement point. Enforcement point is mandatory for this request.",
"extends": {
"$ref": "ConsolidatedAPIListRequestParameters
},
"id": "ConsolidatedEffectiveIPListRequestParameters",
"module_id": "PolicyGroupRealization",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point on which the API needs to be executed. Forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"ip_filter": {
"$ref": "IPElement,
"description": "This filter can be used to verify an ip membership in the effective results",
"required": false,
"title": "An IPAddress or subnet for filtering the results."
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"site_id": {
"required": false,
"title": "UUID of the site from which the effective IP addresses are to be fetched\n",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Consolidated API Realization list request params",
"type": "object"
}
ConsolidatedRealizedStatus (type)
{
"additionalProperties": false,
"description": "Consolidated Realized Status of an intent object across enforcement points.",
"extends": {
"$ref": "AggregatePolicyRuntimeInfo
},
"id": "ConsolidatedRealizedStatus",
"module_id": "PolicyRealizedState",
"properties": {
"consolidated_status": {
"$ref": "ConsolidatedStatus,
"description": "Consolidated Realized Status across enforcement points.",
"readonly": true,
"title": "Consolidated Realized Status"
},
"consolidated_status_per_enforcement_point": {
"description": "List of Consolidated Realized Status per enforcement point.",
"items": {
"$ref": "ConsolidatedStatusPerEnforcementPoint
},
"readonly": true,
"title": "List of Consolidated Realized Status per Enforcement Point",
"type": "array"
},
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F.",
"readonly": true,
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"intent_version": {
"description": "Represent highest intent version across all realized objects",
"readonly": true,
"title": "Intent version for the status",
"type": "string"
},
"publish_status": {
"enum": [
"UNAVAILABLE",
"UNREALIZED",
"REALIZED",
"ERROR"
],
"required": true,
"title": "Aggregated Realization state of this object",
"type": "string"
}
},
"title": "Consolidated Realized Status for an Intent Object",
"type": "object"
}
ConsolidatedStatus (type)
{
"additionalProperties": false,
"description": "Consolidated Status of an intent object. Status Consolidation of an intent happens at multiple levels: - Per Enforcement Point: calculation of the consolidated status is performed using all realized entities that the intent objet maps to on a specific enforcement point. - Across Enforcement Points: calculation of the consolidated status is performend aggregating the consolidated status from each enforcement point.",
"id": "ConsolidatedStatus",
"module_id": "PolicyRealizedState",
"properties": {
"consolidated_status": {
"$ref": "ConfigState,
"description": "Consolidated Realized Status of an intent object.",
"readonly": true,
"title": "Consolidated Realized Status"
}
},
"title": "Consolidated Status",
"type": "object"
}
ConsolidatedStatusNsxT (type)
{
"additionalProperties": false,
"description": "Detailed Realized Status of an intent object on an NSX-T type of enforcement point.",
"extends": {
"$ref": "ConsolidatedStatusPerEnforcementPoint
},
"id": "ConsolidatedStatusNsxT",
"module_id": "PolicyRealizationStatus",
"polymorphic-type-descriptor": {
"type-identifier": "ConsolidatedStatusNsxT"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"consolidated_status": {
"$ref": "ConsolidatedStatus,
"description": "Consolidated Realized Status of an Intent object per enforcement point.",
"readonly": true,
"title": "Consolidated Realized Status"
},
"enforced_status": {
"$ref": "EnforcedStatusDetailsNsxT,
"description": "Detailed Realized Status inherent to an NSX-T Enforcement Point.",
"readonly": true,
"title": "Enforced Realized Status"
},
"enforcement_point_id": {
"description": "Enforcement Point Id.",
"readonly": true,
"title": "Enforcement Point Id",
"type": "string"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"resource_type": {
"required": true,
"type": "string"
},
"site_path": {
"description": "The site where this enforcement point resides.",
"readonly": true,
"title": "Site Path",
"type": "string"
}
},
"title": "NSX-T Consolidated Status",
"type": "object"
}
ConsolidatedStatusPerEnforcementPoint (type)
{
"additionalProperties": false,
"description": "Consolidated Realized Status Per Enforcement Point.",
"extends": {
"$ref": "BaseConsolidatedStatusPerEnforcementPoint
},
"id": "ConsolidatedStatusPerEnforcementPoint",
"module_id": "PolicyRealizedState",
"polymorphic-type-descriptor": {
"type-identifier": "ConsolidatedStatusPerEnforcementPoint"
},
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"consolidated_status": {
"$ref": "ConsolidatedStatus,
"description": "Consolidated Realized Status of an Intent object per enforcement point.",
"readonly": true,
"title": "Consolidated Realized Status"
},
"enforcement_point_id": {
"description": "Enforcement Point Id.",
"readonly": true,
"title": "Enforcement Point Id",
"type": "string"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
},
"resource_type": {
"required": true,
"type": "string"
},
"site_path": {
"description": "The site where this enforcement point resides.",
"readonly": true,
"title": "Site Path",
"type": "string"
}
},
"title": "Consolidated Realized Status Per Enforcement Point",
"type": "object"
}
ConstantFieldValue (type)
{
"additionalProperties": false,
"description": "Constant Field Value.",
"extends": {
"$ref": "FieldSettingValue
},
"id": "ConstantFieldValue",
"module_id": "PolicyReaction",
"polymorphic-type-descriptor": {
"type-identifier": "ConstantFieldValue"
},
"properties": {
"constant": {
"description": "Constant Value that the field must be set to.",
"title": "Constant Value",
"type": "object"
},
"resource_type": {
"description": "Field Setting Value resource type.",
"enum": [
"ConstantFieldValue"
],
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "Constant Field Value",
"type": "object"
}
Constraint (type)
{
"additionalProperties": false,
"description": "Constraint object to constraint any attribute on a resource based on specified expression. Example- Restrict the allowed services in Edge Communication Entry to list of services, if the destinationGroups contain vCenter. { \"target\":{ \"target_resource_type\":\"CommunicationEntry\", \"attribute\":\"services\", \"path_prefix\":\"/infra/domains/vmc-domain/edge-communication-maps/default/communication-entries\" } \"constraint_expression\":{ \"related_attribute\":{ \"attribute\":\"destinationGroups\" } \"condition\":{ \"operator\":\"INCLUDES\", \"rhs_value\":{\"vCenter\"} \"value_constraint\":{ \"operator\":\"ALLOW\", \"values\":{\"/ref/services/HTTPS\", \"/ref/services/HTTOP\", ...} } } } }",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Constraint",
"module_id": "PolicyConstraints",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"constraint_expression": {
"$ref": "ConstraintExpression,
"required": true,
"title": "Expression to constrain the target attribute value."
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"message": {
"required": false,
"title": "User friendly message to be shown to users upon violation.",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"target": {
"$ref": "ConstraintTarget,
"required": true,
"title": "Target resource attribute details."
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Constraint definition.",
"type": "object"
}
ConstraintExpression (type)
{
"abstract": true,
"description": "All the types of the expression extend from this abstract class. This is present for extensibility.",
"extends": {
"$ref": "ManagedResource
},
"id": "ConstraintExpression",
"module_id": "PolicyConstraints",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"enum": [
"ValueConstraintExpression",
"RelatedAttributeConditionalExpression",
"EntityInstanceCountConstraintExpression",
"FieldSanityConstraintExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Base class for constraint expression",
"type": "object"
}
ConstraintListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ConstraintListResult",
"module_id": "PolicyConstraints",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Constraint
},
"required": true,
"title": "Constraint list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Constraints",
"type": "object"
}
ConstraintTarget (type)
{
"additionalProperties": false,
"description": "Resource attribute on which constraint should be applied. Example - sourceGroups attribute of Edge CommunicationEntry to be restricted, is given as: { \"target_resource_type\":\"CommunicationEntry\", \"attribute\":\"sourceGroups\", \"path_prefix\":\"/infra/domains/vmc-domain/edge-communication-maps/default/communication-entries\" }",
"id": "ConstraintTarget",
"module_id": "PolicyConstraints",
"properties": {
"attribute": {
"required": false,
"title": "Attribute name of the target entity.",
"type": "string"
},
"path_prefix": {
"required": false,
"title": "Path prefix of the entity to apply constraint.\nThis is required to further disambiguiate if multiple policy entities\nshare the same resource type.\nExample - Edge FW and DFW use the same resource type CommunicationMap,\nCommunicationEntry, Group, etc.\n",
"type": "string"
},
"target_resource_type": {
"required": true,
"title": "Resource type of the target entity.",
"type": "string"
}
},
"title": "Resource attribute on which constraint should be applied.",
"type": "object"
}
ConstraintValue (type)
{
"abstract": true,
"additionalProperties": false,
"description": "All the types of value extend from this abstract class. This is present for extensibility.",
"id": "ConstraintValue",
"module_id": "PolicyConstraints",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"enum": [
"StringArrayConstraintValue",
"CidrArrayConstraintValue",
"IntegerArrayConstraintValue"
],
"required": true,
"type": "string"
}
},
"title": "Base class for each value configuration",
"type": "object"
}
ContainerApplication (type)
{
"description": "Container application within a project.",
"extends": {
"$ref": "DiscoveredResource
},
"id": "ContainerApplication",
"module_id": "InventoryContainerObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"container_cluster_id": {
"description": "Identifier of the container cluster this container application belongs to.",
"readonly": true,
"required": false,
"title": "Identifier of the container cluster",
"type": "string"
},
"container_project_id": {
"description": "Identifier of the project which this container application belongs to.",
"readonly": false,
"required": false,
"title": "Identifier of the project",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "Identifier of the container application on container cluster e.g. PCF app id, k8s service id.",
"readonly": false,
"required": true,
"title": "External identifier of the container application",
"type": "string"
},
"network_errors": {
"description": "List of network errors related to container application.",
"items": {
"$ref": "NetworkError
},
"readonly": false,
"required": false,
"title": "Network errors",
"type": "array"
},
"network_status": {
"description": "Network status of container application.",
"enum": [
"HEALTHY",
"UNHEALTHY"
],
"readonly": false,
"required": false,
"title": "Network status of container application",
"type": "string"
},
"origin_properties": {
"description": "Array of additional specific properties of container application in key-value format.",
"items": {
"$ref": "KeyValuePair
},
"readonly": false,
"required": false,
"title": "Origin properties",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"status": {
"description": "Status of the container application.",
"enum": [
"UNKNOWN",
"HEALTHY",
"UP",
"DOWN",
"DEGRADED"
],
"readonly": false,
"required": false,
"title": "Status of the container application",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Container application within a project",
"type": "object"
}
ContainerApplicationInstance (type)
{
"description": "Container application instance within a project.",
"extends": {
"$ref": "DiscoveredResource
},
"id": "ContainerApplicationInstance",
"module_id": "InventoryContainerObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cluster_node_id": {
"description": "Cluster node id where application instance is running.",
"readonly": false,
"required": false,
"title": "Cluster node id",
"type": "string"
},
"container_application_ids": {
"description": "List of identifiers of the container application.",
"items": {
"type": "string"
},
"readonly": false,
"required": false,
"title": "Identifiers of the container application",
"type": "array"
},
"container_cluster_id": {
"description": "Identifier of the container cluster this application instance belongs to.",
"readonly": true,
"required": false,
"title": "Identifier of the container cluster",
"type": "string"
},
"container_project_id": {
"description": "Identifier of the container project which this container application instance belongs to.",
"readonly": false,
"required": false,
"title": "Identifier of the project",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "Identifier of the container application instance on container cluster.",
"readonly": false,
"required": true,
"title": "External identifier of the container application instance",
"type": "string"
},
"network_errors": {
"description": "List of network errors related to container application instance.",
"items": {
"$ref": "NetworkError
},
"readonly": false,
"required": false,
"title": "Network errors",
"type": "array"
},
"network_status": {
"description": "Network status of container application instance.",
"enum": [
"HEALTHY",
"UNHEALTHY"
],
"readonly": false,
"required": false,
"title": "Network status of container application instance",
"type": "string"
},
"origin_properties": {
"description": "Array of additional specific properties of container application instance in key-value format.",
"items": {
"$ref": "KeyValuePair
},
"readonly": false,
"required": false,
"title": "Origin properties",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"status": {
"description": "Status of the container application instance.",
"enum": [
"UNKNOWN",
"HEALTHY",
"UP",
"DOWN",
"DEGRADED"
],
"readonly": false,
"required": false,
"title": "Status of the container application instance",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Container Application Instance",
"type": "object"
}
ContainerApplicationInstanceGroupAssociationRequestParams (type)
{
"description": "List request parameters containing ContainerApplicationInstance(pod) id and enforcement point path",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "ContainerApplicationInstanceGroupAssociationRequestParams",
"module_id": "PolicyGroupRealization",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point from which the list of groups needs to be fetched. Forward slashes must be escaped using %2F. If no enforcement point path is specified, the default enforcement point is considered",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"pod_id": {
"required": true,
"title": "ContainerApplicationInstance",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List request parameters containing ContainerApplicationInstance(pod) id and enforcement point path",
"type": "object"
}
ContainerCluster (type)
{
"description": "Details of container cluster.",
"extends": {
"$ref": "DiscoveredResource
},
"id": "ContainerCluster",
"module_id": "InventoryContainerObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cluster_type": {
"description": "Type of the container cluster. In case of creating container cluster first time, it is expected to pass the valid cluster-type. In case of update, if there is no change in cluster-type, then this field can be omitted in the request.",
"enum": [
"PAS",
"PKS",
"Kubernetes",
"Openshift",
"WCP",
"WCP_Guest",
"AKS",
"EKS",
"TKGm",
"TKGi",
"GKE",
"Gardener",
"Rancher",
"TAS",
"Other"
],
"readonly": false,
"required": false,
"title": "Type of the container cluster",
"type": "string"
},
"cni_type": {
"default": "Other",
"description": "Specifies Container Network Interface type for container cluster.",
"enum": [
"NCP",
"Antrea",
"Other"
],
"readonly": false,
"required": false,
"title": "CNI type for container cluster",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "External identifier of the container cluster.",
"readonly": false,
"required": false,
"title": "External identifier of the container cluster",
"type": "string"
},
"infrastructure": {
"$ref": "ContainerInfrastructureInfo,
"description": "Details of underlying infrastructure that hosts the container cluster. In case of creating container cluster first time, it is expected to pass the valid infrastructure. In case of update, if there is no change in cluster-type, then this field can be omitted in the request.",
"readonly": false,
"required": false,
"title": "Details of infrastructure for the container cluster"
},
"network_errors": {
"description": "List of network errors related to container cluster.",
"items": {
"$ref": "NetworkError
},
"readonly": false,
"required": false,
"title": "Network errors",
"type": "array"
},
"network_status": {
"description": "Network status of container cluster.",
"enum": [
"HEALTHY",
"UNHEALTHY"
],
"readonly": false,
"required": false,
"title": "Network status of container cluster",
"type": "string"
},
"origin_properties": {
"description": "Array of additional specific properties of container cluster in key-value format.",
"items": {
"$ref": "KeyValuePair
},
"readonly": false,
"required": false,
"title": "Origin properties",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"supervisor_project_id": {
"description": "Specifies supervisor container project identifier for cluster.",
"readonly": false,
"required": false,
"title": "Supervisor ContainerProject identifier for cluster",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Container cluster",
"type": "object"
}
ContainerClusterNode (type)
{
"description": "Details of container cluster node i.e. container host.",
"extends": {
"$ref": "DiscoveredResource
},
"id": "ContainerClusterNode",
"module_id": "InventoryContainerObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cni_agent_status": {
"description": "Specifies Container Network Interface agent status of container cluster node.",
"enum": [
"HEALTHY",
"UNHEALTHY"
],
"readonly": false,
"required": false,
"title": "CNI agent status of container cluster node",
"type": "string"
},
"container_cluster_id": {
"description": "External identifier of the container cluster.",
"readonly": false,
"required": false,
"title": "External identifier of the container cluster",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "External identifier of the container cluster node in K8S/PAS.",
"readonly": false,
"required": true,
"title": "External identifier of the container cluster node",
"type": "string"
},
"ip_addresses": {
"description": "List of IP addresses of container cluster node.",
"items": {
"$ref": "IPAddress
},
"readonly": false,
"required": false,
"title": "IP Addresses of Node",
"type": "array"
},
"network_errors": {
"description": "List of network errors related to container cluster node.",
"items": {
"$ref": "NetworkError
},
"readonly": false,
"required": false,
"title": "Network errors",
"type": "array"
},
"network_status": {
"description": "Network status of container cluster node.",
"enum": [
"HEALTHY",
"UNHEALTHY"
],
"readonly": false,
"required": false,
"title": "Network status of container cluster node",
"type": "string"
},
"origin_properties": {
"description": "Array of additional specific properties of container cluster node in key-value format.",
"items": {
"$ref": "KeyValuePair
},
"readonly": false,
"required": false,
"title": "Origin properties",
"type": "array"
},
"provider_id": {
"description": "Specifies identifier of container cluster node given by infrastructure provider of container cluster. e.g. in case of vSpehere, it will be instance uuid of worker node virtual machine.",
"readonly": false,
"required": false,
"title": "Provider id of container node",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Container cluster node",
"type": "object"
}
ContainerConfiguration (type)
{
"additionalProperties": false,
"description": "Represents a container to group widgets that belong to a common category or have a common purpose.",
"extends": {
"$ref": "WidgetConfiguration
},
"id": "ContainerConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "ContainerConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"feature_set": {
"$ref": "FeatureSet,
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer
},
"header": {
"$ref": "Header
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"labels": {
"description": "Labels for the container.",
"items": {
"$ref": "Label
},
"minItems": 0,
"title": "Labels",
"type": "array"
},
"layout": {
"$ref": "Layout,
"deprecated": true,
"description": "Layout of widgets can be either vertical or horizontal. If layout is not specified a default horizontal layout is applied. This property is deprecated. Now the layout inside the container can be taken care with the help of 'rowspan' and 'colspan' property.",
"title": "Layout of widgets inside container"
},
"legend": {
"$ref": "Legend,
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"navigation": {
"description": "Hyperlink of the specified UI page that provides details.",
"maxLength": 1024,
"title": "Navigation to a specified UI page",
"type": "string"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
},
"widgets": {
"description": "If not specified, creates an empty container.",
"items": {
"$ref": "WidgetItem
},
"minItems": 0,
"title": "Widgets held by the container",
"type": "array"
}
},
"title": "Container that holds widgets",
"type": "object"
}
ContainerInfrastructureInfo (type)
{
"description": "Details of infrastructure hosting the container cluster e.g. vSphere, AWS, VMC etc..",
"id": "ContainerInfrastructureInfo",
"module_id": "InventoryContainerObj",
"properties": {
"infra_type": {
"description": "Type of the infrastructure.",
"enum": [
"vSphere",
"AWS",
"Azure",
"Google",
"VMC",
"KVM",
"Baremetal"
],
"readonly": false,
"required": true,
"title": "Type of the infrastructure",
"type": "string"
}
},
"title": "Details of container infrastructure",
"type": "object"
}
ContainerIngressPolicy (type)
{
"description": "Details of Container Ingress Policy.",
"extends": {
"$ref": "DiscoveredResource
},
"id": "ContainerIngressPolicy",
"module_id": "InventoryContainerObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"container_application_ids": {
"description": "List of identifiers of the container application , on which ingress policy is applied. e.g. IDs of all services on which the ingress is applied in kubernetes.",
"items": {
"type": "string"
},
"readonly": false,
"required": false,
"title": "Identifiers of the container application",
"type": "array"
},
"container_cluster_id": {
"description": "Identifier of the container cluster this ingress policy belongs to.",
"readonly": false,
"required": false,
"title": "Identifier of the container cluster",
"type": "string"
},
"container_project_id": {
"description": "Identifier of the project which this container ingress belongs to.",
"readonly": false,
"required": false,
"title": "Identifier of the project",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "Identifier of the container ingress policy.",
"readonly": false,
"required": true,
"title": "External identifier of the container ingress policy",
"type": "string"
},
"network_errors": {
"description": "List of network errors related to container ingress.",
"items": {
"$ref": "NetworkError
},
"readonly": false,
"required": false,
"title": "Network errors",
"type": "array"
},
"network_status": {
"description": "Network status of container ingress.",
"enum": [
"HEALTHY",
"UNHEALTHY"
],
"readonly": false,
"required": false,
"title": "Network status of container ingress",
"type": "string"
},
"origin_properties": {
"description": "Array of additional specific properties of container ingress in key-value format.",
"items": {
"$ref": "KeyValuePair
},
"readonly": false,
"required": false,
"title": "Origin properties",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"spec": {
"description": "Container ingress policy specification.",
"readonly": false,
"required": false,
"title": "Container ingress policy specification",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Container Ingress Policy",
"type": "object"
}
ContainerListRequestParameters (type)
{
"additionalProperties": false,
"description": "List request params for the pass through type api that get data from the Antrea Cluster.",
"extends": {
"$ref": "RealizationListRequestParameters
},
"id": "ContainerListRequestParameters",
"module_id": "PolicyGroupRealization",
"properties": {
"cluster_id": {
"description": "ID of the cluster to query",
"required": false,
"title": "Cluster ID",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point from which the list of members needs to be fetched. Forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Realization list request params",
"type": "object"
}
ContainerNetworkPolicy (type)
{
"description": "Network policy applied to container.",
"extends": {
"$ref": "DiscoveredResource
},
"id": "ContainerNetworkPolicy",
"module_id": "InventoryContainerObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"container_cluster_id": {
"description": "Identifier of the container cluster this network policy belongs to.",
"readonly": false,
"required": false,
"title": "Identifier of the container cluster",
"type": "string"
},
"container_project_id": {
"description": "Identifier of the project which this network policy belongs to.",
"readonly": false,
"required": false,
"title": "Identifier of the project",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "Identifier of the container network policy.",
"readonly": false,
"required": true,
"title": "External identifier of the container network policy",
"type": "string"
},
"network_errors": {
"description": "List of network errors related to container network policy.",
"items": {
"$ref": "NetworkError
},
"readonly": false,
"required": false,
"title": "Network errors",
"type": "array"
},
"network_status": {
"description": "Network status of container network policy.",
"enum": [
"HEALTHY",
"UNHEALTHY"
],
"readonly": false,
"required": false,
"title": "Network status of container network policy",
"type": "string"
},
"origin_properties": {
"description": "Array of additional specific properties of container network policy in key-value format.",
"items": {
"$ref": "KeyValuePair
},
"readonly": false,
"required": false,
"title": "Origin properties",
"type": "array"
},
"policy_type": {
"description": "Type e.g. Network Policy, ASG.",
"enum": [
"NETWORK_POLICY",
"ASG",
"ACNP",
"ANP"
],
"readonly": false,
"required": false,
"title": "Type",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"spec": {
"description": "Container network policy specification.",
"readonly": false,
"required": false,
"title": "Container network policy specification",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Container Network Policy",
"type": "object"
}
ContainerProject (type)
{
"description": "Details of org/namespace within a container cluster.",
"extends": {
"$ref": "DiscoveredResource
},
"id": "ContainerProject",
"module_id": "InventoryContainerObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"container_cluster_id": {
"description": "Identifier of the container cluster to which this project/namespace belongs.",
"readonly": false,
"required": false,
"title": "Identifier of the container cluster",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "External identifier of the container project.",
"readonly": false,
"required": true,
"title": "External identifier of the container project",
"type": "string"
},
"network_errors": {
"description": "List of network errors related to container project.",
"items": {
"$ref": "NetworkError
},
"readonly": false,
"required": false,
"title": "Network errors",
"type": "array"
},
"network_status": {
"description": "Network status of container project.",
"enum": [
"HEALTHY",
"UNHEALTHY"
],
"readonly": false,
"required": false,
"title": "Network status of container project",
"type": "string"
},
"origin_properties": {
"description": "Array of additional specific properties of container project in key-value format.",
"items": {
"$ref": "KeyValuePair
},
"readonly": false,
"required": false,
"title": "Origin properties",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Container project within a container cluster",
"type": "object"
}
ContentFilterValue (type)
{
"enum": [
"ALL",
"DEFAULT"
],
"id": "ContentFilterValue",
"title": "Support bundle content filter allowed values",
"type": "string"
}
ContextProfileAttributesMetadata (type)
{
"additionalProperties": false,
"id": "ContextProfileAttributesMetadata",
"module_id": "PolicyContextProfile",
"properties": {
"key": {
"required": true,
"title": "Key for metadata",
"type": "string"
},
"value": {
"required": true,
"title": "Value for metadata key",
"type": "string"
}
},
"title": "Key value structure for holding metadata of context profile attributes",
"type": "object"
}
ContinueRequestParameters (type)
{
"additionalProperties": false,
"id": "ContinueRequestParameters",
"module_id": "Upgrade",
"properties": {
"component_type": {
"description": "Hints NSX to upgrade a specific component.",
"readonly": false,
"required": false,
"title": "Component to upgrade.",
"type": "string"
},
"skip": {
"default": false,
"readonly": false,
"required": false,
"title": "Skip to upgrade of next component.",
"type": "boolean"
}
},
"type": "object"
}
ControlClusteringConfig (type)
{
"description": "Config for joining cluster nodes VMs to a control cluster",
"extends": {
"$ref": "ClusteringConfig
},
"id": "ControlClusteringConfig",
"module_id": "ClusterNodeVMDeployment",
"polymorphic-type-descriptor": {
"type-identifier": "ControlClusteringConfig"
},
"properties": {
"clustering_type": {
"description": "Specifies the type of clustering config to be used.",
"enum": [
"ControlClusteringConfig"
],
"required": true,
"title": "Type for the clustering config",
"type": "string"
},
"join_to_existing_cluster": {
"description": "Specifies whether or not the cluster node VM should try to join to the existing control cluster or initialize a new one. Only required in uncertainty case, i.e. when there are manually- deployed controllers that are registered but not connected to the cluster and no auto-deployed controllers are part of the cluster.",
"required": false,
"title": "Flag to identify the type of clustering",
"type": "boolean"
},
"shared_secret": {
"description": "Shared secret to be used when joining the cluster node VM to a control cluster or for initializing a new cluster with the VM. Must contain at least 4 unique characters and be at least 6 characters long.",
"required": true,
"sensitive": true,
"title": "Cluster's shared secret",
"type": "string"
}
},
"title": "Clustering config for joining control cluster",
"type": "object"
}
CookiePersistenceModeType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "If the persistence cookie is found in the incoming request, value of the cookie is used to identify the server that this request should be sent to. If the cookie is not found, then the server selection algorithm is used to select a new server to handle that request. Three different modes of cookie persistence are supported: insert, prefix and rewrite. In cookie insert mode, a cookie is inserted by load balancer in the HTTP response going from server to client. In cookie prefix and rewrite modes, server controls the cookie and load balancer only manipulates the value of the cookie. In prefix mode, server's cookie value is prepended with the server IP and port and then sent to the client. In rewrite mode, entire server's cookie value is replaced with the server IP and port in the response before sending it to the client.",
"enum": [
"INSERT",
"PREFIX",
"REWRITE"
],
"id": "CookiePersistenceModeType",
"module_id": "LoadBalancer",
"title": "cookie persistence mode",
"type": "string"
}
CopyFromRemoteFileProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "CopyRemoteFileProperties
},
"id": "CopyFromRemoteFileProperties",
"properties": {
"port": {
"maximum": 65535,
"minimum": 1,
"title": "Server port",
"type": "integer"
},
"protocol": {
"$ref": "Protocol,
"required": true,
"title": "Protocol to use to copy file"
},
"server": {
"pattern": "^[^/:]+$",
"required": true,
"title": "Remote server hostname or IP address",
"type": "string"
},
"uri": {
"required": true,
"title": "URI of file to copy",
"type": "string"
}
},
"type": "object"
}
CopyRemoteFileProperties (type)
{
"additionalProperties": {},
"id": "CopyRemoteFileProperties",
"properties": {
"port": {
"maximum": 65535,
"minimum": 1,
"title": "Server port",
"type": "integer"
},
"server": {
"pattern": "^[^/:]+$",
"required": true,
"title": "Remote server hostname or IP address",
"type": "string"
},
"uri": {
"required": true,
"title": "URI of file to copy",
"type": "string"
}
},
"type": "object"
}
CopyToRemoteFileProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "CopyRemoteFileProperties
},
"id": "CopyToRemoteFileProperties",
"properties": {
"port": {
"maximum": 65535,
"minimum": 1,
"title": "Server port",
"type": "integer"
},
"protocol": {
"$ref": "Protocol,
"description": "Only scp and sftp may be used.",
"required": true,
"title": "Protocol to use to copy file"
},
"server": {
"pattern": "^[^/:]+$",
"required": true,
"title": "Remote server hostname or IP address",
"type": "string"
},
"uri": {
"required": true,
"title": "URI of file to copy",
"type": "string"
}
},
"type": "object"
}
CpuUsage (type)
{
"additionalProperties": false,
"id": "CpuUsage",
"module_id": "ApplianceStats",
"properties": {
"avg_cpu_core_usage_dpdk": {
"description": "Indicates the average usage of all DPDK cores in percentage.",
"readonly": true,
"title": "Average utilization of all DPDK cores",
"type": "number"
},
"avg_cpu_core_usage_non_dpdk": {
"description": "Indicates the average usage of all non-DPDK cores in percentage.",
"readonly": true,
"title": "Average usage of all non-DPDK cores",
"type": "number"
},
"highest_cpu_core_usage_dpdk": {
"description": "Indicates the highest CPU utilization value among DPDK cores in percentage.",
"readonly": true,
"title": "Highest CPU utilization value among DPDK cores",
"type": "number"
},
"highest_cpu_core_usage_non_dpdk": {
"description": "Indicates the highest cpu utilization value among non_dpdk cores in percentage.",
"readonly": true,
"title": "Highest CPU utilization value among non-DPDK cores",
"type": "number"
}
},
"title": "CPU usage of DPDK and non-DPDK cores",
"type": "object"
}
CreateRemoteDirectoryProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "CopyRemoteFileProperties
},
"id": "CreateRemoteDirectoryProperties",
"properties": {
"port": {
"maximum": 65535,
"minimum": 1,
"title": "Server port",
"type": "integer"
},
"protocol": {
"$ref": "SftpProtocol,
"required": true,
"title": "Protocol to use to copy file"
},
"server": {
"pattern": "^[^/:]+$",
"required": true,
"title": "Remote server hostname or IP address",
"type": "string"
},
"uri": {
"required": true,
"title": "URI of file to copy",
"type": "string"
}
},
"type": "object"
}
Criterion (type)
{
"additionalProperties": false,
"description": "Event Criterion is the logical evaluations by which the event may be deemed fulfilled. All the evaluations must be met in order for the criterion to be met (implicit AND).",
"id": "Criterion",
"module_id": "PolicyReaction",
"properties": {
"evaluations": {
"description": "Criterion Evaluations.",
"items": {
"$ref": "Evaluation
},
"minItems": 1,
"required": true,
"title": "Criterion Evaluations",
"type": "array"
}
},
"title": "Event Criterion",
"type": "object"
}
Crl (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "Crl",
"module_id": "CertificateManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"crl_type": {
"default": "X509",
"description": "The type of the CRL. It can be \"OneCRL\" or \"X509\" (default).",
"enum": [
"OneCRL",
"X509"
],
"required": false,
"title": "Type of CRL",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"details": {
"$ref": "X509Crl,
"description": "Details of the X509Crl object.",
"readonly": true,
"required": false
},
"details_revoked_by_issuer_and_serial_number": {
"items": {
"$ref": "IssuerSerialNumber
},
"readonly": true,
"required": false,
"title": "Certificates revoked by issuer and serial number",
"type": "array"
},
"details_revoked_by_subject_and_public_key_hash": {
"items": {
"$ref": "SubjectPublicKeyHash
},
"readonly": true,
"required": false,
"title": "Certificates revoked by subject and public key hash",
"type": "array"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"one_crl": {
"readonly": false,
"required": false,
"title": "JSON-encoded OneCRL-like object",
"type": "string"
},
"pem_encoded": {
"description": "PEM encoded CRL data.",
"readonly": false,
"required": false,
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
CrlDistributionPoint (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "CrlDistributionPoint",
"module_id": "CertificateManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"cdp_uri": {
"description": "CRL Distribution Point URI where to fetch the CRL.",
"maxLength": 255,
"readonly": true,
"required": true,
"title": "CDP URI",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"issuer": {
"description": "Issuer of the CRL, referring to the CA.",
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Issuer",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Reference to a CRL Distribution Point where to fetch a CRL",
"type": "object"
}
CrlDistributionPointList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "CrlDistributionPointList",
"module_id": "CertificateManager",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "CrlDistributionPoint list.",
"items": {
"$ref": "CrlDistributionPoint
},
"readonly": false,
"required": true,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "CrlDistributionPoint query result",
"type": "object"
}
CrlDistributionPointStatus (type)
{
"additionalProperties": false,
"id": "CrlDistributionPointStatus",
"module_id": "CertificateManager",
"properties": {
"error_message": {
"description": "Error message when fetching the CRL failed.",
"readonly": true,
"required": false,
"title": "Error Message",
"type": "string"
},
"status": {
"$ref": "CdpStatusType,
"description": "Status of the fetched CRL for this CrlDistributionPoint",
"readonly": true,
"required": true,
"title": "Status"
}
},
"title": "Reference to a CRL Distribution Point where to fetch a CRL",
"type": "object"
}
CrlList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "CrlList",
"module_id": "CertificateManager",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "CRL list.",
"items": {
"$ref": "Crl
},
"readonly": true,
"required": true,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Crl queries result",
"type": "object"
}
CrlObjectData (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "CrlObjectData",
"module_id": "CertificateManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"crl_type": {
"default": "X509",
"description": "The type of the CRL. It can be \"OneCRL\" or \"X509\" (default).",
"enum": [
"OneCRL",
"X509"
],
"required": false,
"title": "Type of CRL",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"one_crl": {
"readonly": false,
"required": false,
"title": "JSON-encoded OneCRL-like object",
"type": "string"
},
"pem_encoded": {
"description": "PEM encoded CRL data.",
"readonly": false,
"required": false,
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
CrlPemRequestType (type)
{
"additionalProperties": false,
"id": "CrlPemRequestType",
"module_id": "CertificateManager",
"properties": {
"cdp_uri": {
"description": "CRL Distribution Point URI where to fetch the CRL.",
"maxLength": 255,
"readonly": true,
"required": true,
"title": "CDP URI",
"type": "string"
}
},
"title": "Request Type to get a CRL's PEM file.",
"type": "object"
}
CrossSiteFlowInfo (type)
{
"description": "Represents details of the config flow between sites. Federation has the following flows - Global Manager to Local Manager (GM -> LM) - Local Manager to Glocal Manager (LM -> GM) - Global Manager Active to Glocal Manager Standby (GM -> GM) - Local Manager to Local Manager (LM -> LM)",
"id": "CrossSiteFlowInfo",
"module_id": "FederationObservability",
"properties": {
"from_site_id": {
"read_only": true,
"title": "Site id of the source",
"type": "string"
},
"from_site_path": {
"read_only": true,
"title": "Source site policy path",
"type": "string"
},
"full_sync_info": {
"$ref": "FullSyncInfo,
"read_only": true,
"title": "Full sync information for the flow"
},
"latency_measured_ts": {
"read_only": true,
"title": "Timestamp of latency measurement",
"type": "integer"
},
"latency_millis": {
"read_only": true,
"title": "Latency from source to destination site in milli seconds",
"type": "integer"
},
"status": {
"enum": [
"GOOD",
"DISCONNECTED",
"RECOVERY",
"ERROR",
"UNKNOWN",
"NOT_READY"
],
"read_only": true,
"title": "Overall status of the flow",
"type": "string"
},
"to_site_id": {
"read_only": true,
"title": "Site id of the destination",
"type": "string"
},
"to_site_path": {
"read_only": true,
"title": "Destination site policy path",
"type": "string"
}
},
"title": "Information about config flow in federation",
"type": "object"
}
CryptoAlgorithm (type)
{
"additionalProperties": false,
"id": "CryptoAlgorithm",
"module_id": "CertificateManager",
"properties": {
"key_size": {
"description": "Supported key sizes for the algorithm.",
"items": {
"$ref": "KeySize
},
"readonly": true,
"required": true,
"type": "array"
},
"name": {
"description": "Crypto algorithm name.",
"readonly": true,
"required": true,
"type": "string"
}
},
"type": "object"
}
CryptoEnforcement (type)
{
"additionalProperties": false,
"description": "If enforced and if TLS protocol Client/Server Hello has none of the permitted TLS versions or ciphers then the connection is immediately terminated.",
"enum": [
"ENFORCE",
"TRANSPARENT"
],
"help_summary": "Use of 'ENFORCE' will terminate connection if TLS protocol Client/Server Hello has\nnone of the permitted TLS versions or ciphers.\nUse of 'TRANSPARENT' will let client's and server's own choices use for TLS\nversions and ciphers to successfully intercept the connection.\n",
"id": "CryptoEnforcement",
"module_id": "PolicyTlsActionProfile",
"readonly": true,
"required": false,
"title": "Action for crypto enforcement",
"type": "string"
}
Csr (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "Csr",
"module_id": "CertificateManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"algorithm": {
"default": "RSA",
"description": "Cryptographic algorithm (asymmetric) used by the public key for data encryption.",
"enum": [
"RSA"
],
"readonly": false,
"required": false,
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_ca": {
"default": false,
"description": "Whether the CSR is for a CA certificate.",
"required": false,
"type": "boolean"
},
"key_size": {
"default": 4096,
"description": "Size measured in bits of the public key used in a cryptographic algorithm.",
"readonly": false,
"required": false,
"type": "integer"
},
"pem_encoded": {
"description": "PEM encoded certificate data.",
"readonly": true,
"required": false,
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"subject": {
"$ref": "Principal,
"description": "The certificate owner's information. (CN, O, OU, C, ST, L)",
"readonly": false,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
CsrExt (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Csr
},
"id": "CsrExt",
"module_id": "CertificateManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"algorithm": {
"default": "RSA",
"description": "Cryptographic algorithm (asymmetric) used by the public key for data encryption.",
"enum": [
"RSA"
],
"readonly": false,
"required": false,
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"extensions": {
"$ref": "CsrExtensions,
"description": "X509 v3 extensions to be added to a CSR.",
"readonly": true,
"required": false,
"title": "X509 extensions to add"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_ca": {
"default": false,
"description": "Whether the CSR is for a CA certificate.",
"required": false,
"type": "boolean"
},
"key_size": {
"default": 4096,
"description": "Size measured in bits of the public key used in a cryptographic algorithm.",
"readonly": false,
"required": false,
"type": "integer"
},
"pem_encoded": {
"description": "PEM encoded certificate data.",
"readonly": true,
"required": false,
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"subject": {
"$ref": "Principal,
"description": "The certificate owner's information. (CN, O, OU, C, ST, L)",
"readonly": false,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Extended certificate signing request body",
"type": "object"
}
CsrExtensions (type)
{
"additionalProperties": false,
"id": "CsrExtensions",
"module_id": "CertificateManager",
"properties": {
"subject_alt_names": {
"$ref": "SubjectAltNames,
"description": "Subject alternative names of the CSR",
"readonly": true,
"required": false,
"title": "Subject alternative names"
}
},
"title": "Collection of various x509 v3 extensions to be added to a CSR",
"type": "object"
}
CsrList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "CsrList",
"module_id": "CertificateManager",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "CSR list.",
"items": {
"$ref": "Csr
},
"readonly": false,
"required": true,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Csr queries result",
"type": "object"
}
CsrWithDaysValid (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Csr
},
"id": "CsrWithDaysValid",
"module_id": "CertificateManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"algorithm": {
"default": "RSA",
"description": "Cryptographic algorithm (asymmetric) used by the public key for data encryption.",
"enum": [
"RSA"
],
"readonly": false,
"required": false,
"type": "string"
},
"days_valid": {
"default": 825,
"maximum": 10000,
"minimum": 1,
"title": "Number of days the certificate will be valid, default 825 days",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_ca": {
"default": false,
"description": "Whether the CSR is for a CA certificate.",
"required": false,
"type": "boolean"
},
"key_size": {
"default": 4096,
"description": "Size measured in bits of the public key used in a cryptographic algorithm.",
"readonly": false,
"required": false,
"type": "integer"
},
"pem_encoded": {
"description": "PEM encoded certificate data.",
"readonly": true,
"required": false,
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"subject": {
"$ref": "Principal,
"description": "The certificate owner's information. (CN, O, OU, C, ST, L)",
"readonly": false,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "CSR data with days valid",
"type": "object"
}
CsvListResult (type)
{
"abstract": true,
"description": "Base type for CSV result.",
"id": "CsvListResult",
"module_id": "CsvTypes",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
}
},
"type": "object"
}
CsvRecord (type)
{
"abstract": true,
"description": "Base type for CSV records.",
"id": "CsvRecord",
"module_id": "CsvTypes",
"type": "object"
}
CurrentBackupOperationStatus (type)
{
"additionalProperties": false,
"id": "CurrentBackupOperationStatus",
"module_id": "BackupConfiguration",
"properties": {
"backup_id": {
"required": false,
"title": "Unique identifier of current backup",
"type": "string"
},
"current_step": {
"enum": [
"BACKUP_CREATING_CLUSTER_BACKUP",
"BACKUP_CREATING_NODE_BACKUP"
],
"required": false,
"title": "Current step of operation",
"type": "string"
},
"current_step_message": {
"required": false,
"title": "Additional human-readable status information about current step",
"type": "string"
},
"end_time": {
"$ref": "EpochMsTimestamp,
"required": false,
"title": "Time when operation is expected to end"
},
"operation_type": {
"enum": [
"NONE",
"BACKUP"
],
"required": false,
"title": "Type of operation that is in progress. Returns none if no operation is in progress, in which case\nnone of the other fields will be set.\n",
"type": "string"
},
"start_time": {
"$ref": "EpochMsTimestamp,
"required": false,
"title": "Time when operation was started"
}
},
"title": "Current backup operation status",
"type": "object"
}
CustomAttributeAction (type)
{
"additionalProperties": false,
"description": "Request Parameter which specify action to either add or remove the custom values.",
"id": "CustomAttributeAction",
"module_id": "PolicyContextProfile",
"properties": {
"action": {
"description": "Action parameter determines whether to add or remove Custom Context Profile Attribute values.",
"enum": [
"add",
"remove"
],
"required": true,
"title": "Add or Remove Custom Context Profile Attribute values.",
"type": "string"
}
},
"title": "Request Parameters for Custom Context Profile Attributes",
"type": "object"
}
CustomFilterWidgetConfiguration (type)
{
"additionalProperties": false,
"description": "Represents configuration for custom filter widget. For this widget the data source is not applicable. It defines ui identifer for filter UI component and render it on dashboard view. This configuration can only be used for system owned widgets.",
"extends": {
"$ref": "FilterWidgetConfiguration
},
"id": "CustomFilterWidgetConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "CustomFilterWidgetConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alias": {
"description": "Alias to be used when emitting filter value.",
"title": "Alias to be used when emitting filter value",
"type": "string"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"feature_set": {
"$ref": "FeatureSet,
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"legend": {
"$ref": "Legend,
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"ui_component_identifier": {
"description": "User defined filter component selector to be rendered inside view/container.",
"required": true,
"title": "UI identifier for filter component to be rendered inside view/container",
"type": "string"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
}
},
"title": "Custom Filter widget Configuration",
"type": "object"
}
CustomWidgetConfiguration (type)
{
"additionalProperties": false,
"description": "Represents configuration for custom widget. For this widget the data source is not applicable. It defines ui identifer to identify UI component and render it on dashboard view. This configuration can only be used for system owned widgets.",
"extends": {
"$ref": "WidgetConfiguration
},
"id": "CustomWidgetConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "CustomWidgetConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"feature_set": {
"$ref": "FeatureSet,
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"legend": {
"$ref": "Legend,
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"ui_component_identifier": {
"description": "User defined component selector to be rendered inside view/container.",
"title": "UI identifier for component to be rendered inside view/container",
"type": "string"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
}
},
"title": "Custom widget Configuration",
"type": "object"
}
CvxConnectionInfo (type)
{
"additionalProperties": false,
"description": "Credential info to connect to a CVX type of enforcement point.",
"extends": {
"$ref": "EnforcementPointConnectionInfo
},
"id": "CvxConnectionInfo",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "CvxConnectionInfo"
},
"properties": {
"enforcement_point_address": {
"description": "Value of this property could be Hostname or IP. For instance: - On an NSX-T MP running on default port, the value could be \"10.192.1.1\" - On an NSX-T MP running on custom port, the value could be \"192.168.1.1:32789\" - On an NSX-T MP in VMC deployments, the value could be \"192.168.1.1:5480/nsxapi\"",
"required": true,
"title": "Enforcement Point Address",
"type": "string"
},
"password": {
"description": "Password.",
"required": true,
"sensitive": true,
"title": "Password",
"type": "string"
},
"resource_type": {
"description": "Resource Type of Enforcement Point Connection Info.",
"enum": [
"NSXTConnectionInfo",
"NSXVConnectionInfo",
"CvxConnectionInfo",
"AviConnectionInfo"
],
"required": true,
"title": "Connection Info Resource Type",
"type": "string"
},
"thumbprint": {
"description": "Thumbprint of EnforcementPoint in the form of a SHA-256 hash represented in lower case HEX.",
"required": false,
"title": "Thumbprint of Enforcement Point",
"type": "string"
},
"username": {
"description": "Username.",
"required": true,
"sensitive": true,
"title": "Username",
"type": "string"
}
},
"title": "CVX Connection Info",
"type": "object"
}
DADMode (type)
{
"additionalProperties": false,
"description": "Duplicate address detection modes.",
"enum": [
"LOOSE",
"STRICT"
],
"id": "DADMode",
"module_id": "Routing",
"title": "DAD Mode",
"type": "string"
}
DADStatus (type)
{
"additionalProperties": false,
"description": "Duplicate address detection status for IP address on port.",
"enum": [
"DUPLICATED",
"TENTATIVE",
"ASSIGNED",
"NOT_APPLICABLE",
"UNKNOWN"
],
"id": "DADStatus",
"module_id": "LogicalRouterPorts",
"title": "DAD Status",
"type": "string"
}
DNSForwarderStatisticsPerEnforcementPoint (type)
{
"abstract": true,
"description": "DNS forwarder statistics per enforcement point.",
"id": "DNSForwarderStatisticsPerEnforcementPoint",
"module_id": "PolicyDNSStatistics",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"enforcement_point_path": {
"description": "Policy path referencing the enforcement point from where the statistics are fetched.",
"readonly": true,
"title": "Enforcement point path",
"type": "string"
},
"resource_type": {
"enum": [
"NsxTDNSForwarderStatistics"
],
"required": true,
"type": "string"
}
},
"title": "DNS forwarder statistics per enforcement point",
"type": "object"
}
DNSForwarderStatusPerEnforcementPoint (type)
{
"abstract": true,
"description": "DNS forwarder status per enforcement point.",
"id": "DNSForwarderStatusPerEnforcementPoint",
"module_id": "PolicyDNSStatistics",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"enforcement_point_path": {
"description": "Policy path referencing the enforcement point from where the status is fetched.",
"readonly": true,
"title": "Enforcement point path",
"type": "string"
},
"resource_type": {
"enum": [
"NsxTDNSForwarderStatus"
],
"required": true,
"type": "string"
}
},
"title": "DNS forwarder status per enforcement point",
"type": "object"
}
DataCounter (type)
{
"id": "DataCounter",
"module_id": "AggSvcL2Types",
"properties": {
"dropped": {
"required": false,
"title": "The dropped packets or bytes",
"type": "integer"
},
"multicast_broadcast": {
"required": false,
"title": "The multicast and broadcast packets or bytes",
"type": "integer"
},
"total": {
"required": true,
"title": "The total packets or bytes",
"type": "integer"
}
},
"type": "object"
}
DataSourceParameters (type)
{
"id": "DataSourceParameters",
"module_id": "Types",
"properties": {
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
}
},
"type": "object"
}
DataSourceType (type)
{
"enum": [
"realtime",
"cached"
],
"id": "DataSourceType",
"module_id": "Types",
"title": "Data source type.",
"type": "string"
}
Datasource (type)
{
"additionalProperties": false,
"description": "An instance of a datasource configuration.",
"id": "Datasource",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"display_name": {
"description": "Name of a datasource instance.",
"maxLength": 255,
"required": true,
"title": "Datasource instance's display name",
"type": "string"
},
"keystore_info": {
"$ref": "KeyStoreInfo,
"description": "Key Store information for all the url aliases defined in datasource. Use this property if key store information is same for each url aliases in the datasource.",
"title": "Key Store Info"
},
"urls": {
"description": "Array of urls relative to the datasource configuration. For example, api/v1/fabric/nodes is a relative url of nsx-manager instance.",
"items": {
"$ref": "UrlAlias
},
"required": true,
"title": "Array of relative urls and their aliases",
"type": "array"
}
},
"title": "Datasource Instance",
"type": "object"
}
DatetimeUTC (type)
{
"description": "Datetime string in UTC in the RFC3339 format 'yyyy-mm-ddThh:mm:ssZ'",
"id": "DatetimeUTC",
"title": "Datetime string in UTC",
"type": "string"
}
DecryptionFailAction (type)
{
"additionalProperties": false,
"description": "Action to take when TLS handshake fails.",
"enum": [
"BLOCK",
"BYPASS"
],
"help_summary": "Use of 'BLOCK' will terminate subsequent connections.\nUse of 'BYPASS' will remember handshake failure and not intercept subsequent.\nconnections.\n",
"id": "DecryptionFailAction",
"module_id": "PolicyTlsActionProfile",
"readonly": true,
"required": false,
"title": "TLS handshake fail action",
"type": "string"
}
DefaultFilterValue (type)
{
"additionalProperties": false,
"description": "An instance of a datasource configuration.",
"id": "DefaultFilterValue",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"alias": {
"description": "Filter alias.",
"required": true,
"title": "Filter alias",
"type": "string"
},
"value": {
"description": "Filter default value.",
"required": true,
"title": "Filter default value",
"type": "string"
}
},
"title": "Default filter values",
"type": "object"
}
DeleteRequestParameters (type)
{
"additionalProperties": {},
"id": "DeleteRequestParameters",
"module_id": "Common",
"properties": {
"force": {
"default": false,
"description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.",
"title": "Force delete the resource even if it is being used somewhere\n",
"type": "boolean"
}
},
"title": "Parameters that affect how delete operations are processed",
"type": "object"
}
DependentServices (type)
{
"additionalProperties": false,
"id": "DependentServices",
"module_id": "PolicyFirewallConfiguration",
"properties": {
"dependent_services": {
"description": "List of firewall dependent services.",
"items": {
"type": "string"
},
"title": "List of firewall dependent services",
"type": "array"
}
},
"type": "object"
}
DeploymentZone (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Logical grouping of enforcement points. This is a deprecated type. DeploymentZone has been renamed to Site. Use Site.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "DeploymentZone",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enforcement_points": {
"items": {
"$ref": "EnforcementPoint
},
"required": false,
"title": "Logical grouping of enforcement points",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Deployment zone",
"type": "object"
}
DetachClusterParameters (type)
{
"id": "DetachClusterParameters",
"properties": {
"force": {
"enum": [
"true",
"false"
],
"type": "string"
},
"graceful-shutdown": {
"default": "false",
"enum": [
"true",
"false"
],
"required": false,
"type": "string"
},
"ignore-repository-ip-check": {
"default": "false",
"enum": [
"true",
"false"
],
"required": false,
"type": "string"
}
},
"type": "object"
}
DfwFirewallConfiguration (type)
{
"additionalProperties": false,
"extends": {
"$ref": "FirewallConfiguration
},
"id": "DfwFirewallConfiguration",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "DfwFirewallConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"disable_auto_drafts": {
"default": false,
"description": "To disable auto drafts, set it to true. By default, auto drafts are enabled.",
"title": "Auto draft disable flag",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_firewall": {
"default": true,
"description": "If set to true, Firewall is enabled.",
"title": "Firewall enable flag",
"type": "boolean"
},
"global_addrset_mode_enabled": {
"default": true,
"description": "When this flag is set to true, global address set is enabled in Distributed Firewall.",
"title": "A flag to indicate if global address set is enabled in DFW",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"idfw_enabled": {
"default": false,
"description": "If set to true, identity firewall is enabled.",
"title": "Identity firewall enable flag",
"type": "boolean"
},
"idfw_event_log_scraper_enabled": {
"default": false,
"description": "Enables event log scraping for Identity firewall.",
"title": "Enable event log scraping",
"type": "boolean"
},
"idfw_loginsight_enabled": {
"default": false,
"description": "If set to true, collection of login/logout events from Loginsight server is enabled.",
"title": "Enable Loginsight server for Identity Firewall",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"enum": [
"DfwFirewallConfiguration"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "DFW Firewall related configurations",
"type": "object"
}
DhGroup (type)
{
"additionalProperties": false,
"description": "Diffie-Hellman groups represent algorithm used to derive shared keys between IPSec VPN initiator and responder over an unsecured network. GROUP2 uses 1048-bit Modular Exponentiation (MODP) group. GROUP5 uses 1536-bit MODP group. GROUP14 uses 2048-bit MODP group. GROUP15 uses 3072-bit MODP group. GROUP16 uses 4096-bit MODP group. GROUP19 uses 256-bit Random Elliptic Curve (ECP) group. GROUP20 uses 384-bit Random ECP group. GROUP21 uses 521-bit Random ECP group.",
"enum": [
"GROUP2",
"GROUP5",
"GROUP14",
"GROUP15",
"GROUP16",
"GROUP19",
"GROUP20",
"GROUP21"
],
"id": "DhGroup",
"module_id": "PolicyVpnIPSecVpn",
"title": "Diffie-Hellman groups",
"type": "string"
}
DhcpDeleteLeaseRequestParameters (type)
{
"additionalProperties": false,
"id": "DhcpDeleteLeaseRequestParameters",
"module_id": "Dhcp",
"properties": {
"ip": {
"$ref": "IPAddress,
"required": true
},
"mac": {
"$ref": "MACAddress,
"required": true
}
},
"type": "object"
}
DhcpDeleteLeases (type)
{
"additionalProperties": false,
"id": "DhcpDeleteLeases",
"module_id": "PolicyConnectivity",
"properties": {
"leases": {
"items": {
"$ref": "DhcpDeleteLeaseRequestParameters
},
"maxItems": 100,
"minItems": 1,
"required": true,
"title": "List of DHCP leases",
"type": "array"
}
},
"title": "List of DHCP leases to be deleted",
"type": "object"
}
DhcpHeader (type)
{
"additionalProperties": false,
"id": "DhcpHeader",
"module_id": "Traceflow",
"properties": {
"op_code": {
"default": "BOOTREQUEST",
"description": "This is used to specify the general type of message. A client sending request to a server uses an op code of BOOTREQUEST, while a server replying uses an op code of BOOTREPLY.",
"enum": [
"BOOTREQUEST",
"BOOTREPLY"
],
"required": false,
"title": "Message op code / message type",
"type": "string"
}
},
"type": "object"
}
DhcpIpPoolUsage (type) (Deprecated)
{
"deprecated": true,
"id": "DhcpIpPoolUsage",
"module_id": "AggSvcDhcp",
"properties": {
"allocated_number": {
"required": true,
"title": "allocated number. COULD BE INACCURATE, REFERENCE ONLY.",
"type": "integer"
},
"allocated_percentage": {
"required": true,
"title": "allocated percentage. COULD BE INACCURATE, REFERENCE ONLY.",
"type": "integer"
},
"dhcp_ip_pool_id": {
"required": true,
"title": "uuid of dhcp ip pool",
"type": "string"
},
"pool_size": {
"required": true,
"title": "pool size",
"type": "integer"
}
},
"type": "object"
}
DhcpLeasePerIP (type) (Deprecated)
{
"deprecated": true,
"id": "DhcpLeasePerIP",
"module_id": "AggSvcDhcp",
"properties": {
"expire_time": {
"required": false,
"title": "expire time of the lease",
"type": "string"
},
"ip_address": {
"required": true,
"title": "ip address of client",
"type": "string"
},
"lease_time": {
"required": false,
"title": "lease time of the ip address, in seconds",
"type": "string"
},
"mac_address": {
"required": true,
"title": "mac address of client",
"type": "string"
},
"start_time": {
"required": true,
"title": "start time of lease",
"type": "string"
},
"subnet": {
"required": false,
"title": "subnet of client network",
"type": "string"
}
},
"type": "object"
}
DhcpLeases (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "ListResult
},
"id": "DhcpLeases",
"module_id": "AggSvcDhcp",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"dhcp_server_id": {
"required": false,
"title": "dhcp server uuid",
"type": "string"
},
"leases": {
"items": {
"$ref": "DhcpLeasePerIP
},
"maxItems": 65535,
"minItems": 0,
"required": false,
"title": "The lease info list of the server",
"type": "array"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"required": false,
"title": "timestamp of the lease info"
}
},
"type": "object"
}
DhcpLeasesResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DhcpLeases
},
"id": "DhcpLeasesResult",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"connectivity_path": {
"description": "Policy path to Segment, Tier0 or Tier1 gateway where DHCP server is attached.",
"required": false,
"title": "Policy path to Segment, Tier0 or Tier1 gateway",
"type": "string"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"dhcp_server_id": {
"required": false,
"title": "dhcp server uuid",
"type": "string"
},
"leases": {
"items": {
"$ref": "DhcpLeasePerIP
},
"maxItems": 65535,
"minItems": 0,
"required": false,
"title": "The lease info list of the server",
"type": "array"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"required": false,
"title": "timestamp of the lease info"
}
},
"type": "object"
}
DhcpOption121 (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "DHCP option 121 to define classless static route.",
"id": "DhcpOption121",
"module_id": "Dhcp",
"properties": {
"static_routes": {
"description": "Classless static route of DHCP option 121.",
"items": {
"$ref": "ClasslessStaticRoute
},
"maxItems": 27,
"minItems": 1,
"required": true,
"title": "DHCP classless static routes",
"type": "array"
}
},
"title": "DHCP option 121",
"type": "object"
}
DhcpRelayConfig (type)
{
"additionalProperties": false,
"description": "DHCP relay configuration. Please note, the realized-state of this entity returned by the \"GET /policy/api/v1/infra/realized-state/realized-entity\" with this entity policy-path is irrelevant with the application status of this entity. Please do not rely on this returned realized-state to determine how this dhcp-relay-config was applied. The dhcp realization information was reflected in the realization states of the referencing Segment or T0/T1 gateway.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "DhcpRelayConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"server_addresses": {
"description": "DHCP server IP addresses for DHCP relay configuration. Both IPv4 and IPv6 addresses are supported.",
"items": {
"$ref": "IPAddress
},
"maxItems": 8,
"required": true,
"title": "DHCP relay addresses",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "DHCP relay configuration",
"type": "object"
}
DhcpRelayConfigListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "DhcpRelayConfigListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DhcpRelayConfig
},
"required": true,
"title": "DhcpRelayConfig results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of DhcpRelayConfigs",
"type": "object"
}
DhcpServerConfig (type)
{
"additionalProperties": false,
"description": "DHCP server configuration. Please note, the realized-state of this entity returned by the \"GET /policy/api/v1/infra/realized-state/realized-entity\" with this entity policy-path is irrelevant with the application status of this entity. Please do not rely on this returned realized-state to determine how this dhcp-server-config was applied. The dhcp realization information was reflected in the realization states of the referencing Segment or T0/T1 gateway.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "DhcpServerConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"edge_cluster_path": {
"description": "The reference to the edge cluster using the policy path of the edge cluster. Auto assigned if only one edge cluster is configured on enforcement-point. Modifying edge cluster will reallocate DHCP server to the new edge cluster. Please note that re-allocating edge-cluster will result in losing of all exisitng DHCP lease information. Change edge cluster only when losing DHCP leases is not a real problem, e.g. cross-site migration or failover and all client hosts will be reboot and get new IP addresses.",
"required": false,
"title": "Edge cluster path",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"lease_time": {
"default": 86400,
"description": "IP address lease time in seconds.",
"maximum": 4294967295,
"minimum": 60,
"required": false,
"title": "IP address lease time in seconds",
"type": "integer"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"preferred_edge_paths": {
"description": "Policy paths to edge nodes on which the DHCP servers run. The first edge node is assigned as active edge, and second one as stanby edge. If only one edge node is specified, the DHCP servers will run without HA support. When this property is not specified, edge nodes are auto-assigned during realization of the DHCP server.",
"items": {
"type": "string"
},
"maxItems": 2,
"required": false,
"title": "Edge node path",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"server_address": {
"deprecated": true,
"description": "DHCP server address in CIDR format. Prefix length should be less than or equal to 30. DHCP server is deployed as DHCP relay service. This property is deprecated, use server_addresses instead. Both properties cannot be specified together with different new values.",
"format": "ip-cidr-block",
"required": false,
"title": "DHCP server address in CIDR format",
"type": "string"
},
"server_addresses": {
"description": "DHCP server address in CIDR format. Both IPv4 and IPv6 address families are supported. Prefix length should be less than or equal to 30 for IPv4 address family and less than or equal to 126 for IPv6. When not specified, IPv4 value is auto-assigned to 100.96.0.1/30. Ignored when this object is configured at a Segment.",
"items": {
"format": "ip-cidr-block",
"type": "string"
},
"maxItems": 2,
"required": false,
"title": "DHCP server address in CIDR format",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "DHCP server configuration",
"type": "object"
}
DhcpServerConfigListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "DhcpServerConfigListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DhcpServerConfig
},
"required": true,
"title": "DhcpServerConfig results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of DhcpServerConfigs",
"type": "object"
}
DhcpServerLeaseRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DhcpServerRequestParameters
},
"id": "DhcpServerLeaseRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"address": {
"description": "IP address, IP range or MAC address to retrieve specific lease information. Either a \"address\" or a \"segment_path\" can be provided, but not both in the same call.",
"required": false,
"title": "IP or MAC address",
"type": "string"
},
"connectivity_path": {
"description": "String Path of Tier0, Tier1 or Segment where DHCP server is deployed. Specify Tier0/Tier1 gateway path for DHCP server attached to the gateway. Segment path must be specified for local DHCP server configuration.",
"required": true,
"title": "String Path of Tier0, Tier1 or Segment",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "Enforcement point path. Required when multiple enforcement points are configured.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"segment_path": {
"description": "Segment path to retrieve lease information. Either a \"address\" or a \"segment_path\" can be provided, but not both in the same call.",
"required": false,
"title": "Segment path to retrieve lease information",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"description": "The data source, either realtime or cached. If not provided, cached data is returned.",
"required": false,
"title": "The data source"
}
},
"title": "DHCP server lease request parameters",
"type": "object"
}
DhcpServerRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "DhcpServerRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"connectivity_path": {
"description": "String Path of Tier0, Tier1 or Segment where DHCP server is deployed. Specify Tier0/Tier1 gateway path for DHCP server attached to the gateway. Segment path must be specified for local DHCP server configuration.",
"required": true,
"title": "String Path of Tier0, Tier1 or Segment",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "Enforcement point path. Required when multiple enforcement points are configured.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "DHCP server list request parameters",
"type": "object"
}
DhcpServerState (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ConfigurationState
},
"id": "DhcpServerState",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"details": {
"items": {
"$ref": "ConfigurationStateElement
},
"readonly": true,
"required": false,
"title": "Array of configuration state of various sub systems",
"type": "array"
},
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"state": {
"description": "Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. \"in_sync\" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to \"success\". Please note, failed state is deprecated.",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error",
"in_sync",
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"EDGE_CONFIG_ERROR",
"VM_DEPLOYMENT_RESTARTED",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"TRANSPORT_NODE_READY",
"VM_NETWORK_EDIT_PENDING",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"REGISTRATION_TIMEDOUT",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"VM_RESOURCE_RESERVATION_FAILED",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"DELETE_IN_PROGRESS"
],
"readonly": true,
"required": true,
"title": "Overall state of desired configuration",
"type": "string"
}
},
"type": "object"
}
DhcpServerStatistics (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DhcpStatistics
},
"id": "DhcpServerStatistics",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"acks": {
"required": true,
"title": "The total number of DHCP ACK packets",
"type": "integer"
},
"declines": {
"required": true,
"title": "The total number of DHCP DECLINE packets",
"type": "integer"
},
"dhcp_server_id": {
"required": true,
"title": "dhcp server uuid",
"type": "string"
},
"discovers": {
"required": true,
"title": "The total number of DHCP DISCOVER packets",
"type": "integer"
},
"errors": {
"required": true,
"title": "The total number of DHCP errors",
"type": "integer"
},
"informs": {
"required": true,
"title": "The total number of DHCP INFORM packets",
"type": "integer"
},
"ip_pool_stats": {
"items": {
"$ref": "DhcpIpPoolUsage
},
"required": false,
"title": "The DHCP ip pool usage statistics",
"type": "array"
},
"nacks": {
"required": true,
"title": "The total number of DHCP NACK packets",
"type": "integer"
},
"offers": {
"required": true,
"title": "The total number of DHCP OFFER packets",
"type": "integer"
},
"releases": {
"required": true,
"title": "The total number of DHCP RELEASE packets",
"type": "integer"
},
"requests": {
"required": true,
"title": "The total number of DHCP REQUEST packets",
"type": "integer"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"required": true,
"title": "timestamp of the statistics"
}
},
"type": "object"
}
DhcpServerStatus (type) (Deprecated)
{
"deprecated": true,
"id": "DhcpServerStatus",
"module_id": "AggSvcDhcp",
"properties": {
"active_node": {
"required": true,
"title": "uuid of active transport node",
"type": "string"
},
"error_message": {
"required": false,
"title": "Error message, if available",
"type": "string"
},
"service_status": {
"description": "UP means the dhcp service is working fine on both active transport-node and stand-by transport-node (if have), hence fail-over can work at this time if there is failure happens on one of the transport-node; DOWN means the dhcp service is down on both active transport-node and stand-by node (if have), hence the dhcp-service will not repsonse any dhcp request; Error means error happens on transport-node(s) or no status is reported from transport-node(s). The dhcp service may be working (or not working); NO_STANDBY means dhcp service is working in one of the transport node while not in the other transport-node (if have). Hence if the dhcp service in the working transport-node is down, fail-over will not happen and the dhcp service will go down.",
"enum": [
"UP",
"DOWN",
"ERROR",
"NO_STANDBY"
],
"required": true,
"type": "string"
},
"stand_by_node": {
"required": false,
"title": "uuid of stand_by transport node. null if non-HA mode",
"type": "string"
}
},
"type": "object"
}
DhcpStaticBindingConfig (type)
{
"abstract": true,
"additionalProperties": false,
"description": "DHCP IPv4 and IPv6 static bindings are extended from this abstract class.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "DhcpStaticBindingConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"enum": [
"DhcpV4StaticBindingConfig",
"DhcpV6StaticBindingConfig"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Base class for DHCP options",
"type": "object"
}
DhcpStaticBindingConfigListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "DhcpStaticBindingConfigListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DhcpStaticBindingConfig
},
"required": true,
"title": "Paginated list of DhcpStaticBindingConfig",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
DhcpStaticBindingState (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ConfigurationState
},
"id": "DhcpStaticBindingState",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"details": {
"items": {
"$ref": "ConfigurationStateElement
},
"readonly": true,
"required": false,
"title": "Array of configuration state of various sub systems",
"type": "array"
},
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"state": {
"description": "Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. \"in_sync\" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to \"success\". Please note, failed state is deprecated.",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error",
"in_sync",
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"EDGE_CONFIG_ERROR",
"VM_DEPLOYMENT_RESTARTED",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"TRANSPORT_NODE_READY",
"VM_NETWORK_EDIT_PENDING",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"REGISTRATION_TIMEDOUT",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"VM_RESOURCE_RESERVATION_FAILED",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"DELETE_IN_PROGRESS"
],
"readonly": true,
"required": true,
"title": "Overall state of desired configuration",
"type": "string"
}
},
"type": "object"
}
DhcpStatistics (type) (Deprecated)
{
"deprecated": true,
"id": "DhcpStatistics",
"module_id": "AggSvcDhcp",
"properties": {
"acks": {
"required": true,
"title": "The total number of DHCP ACK packets",
"type": "integer"
},
"declines": {
"required": true,
"title": "The total number of DHCP DECLINE packets",
"type": "integer"
},
"dhcp_server_id": {
"required": true,
"title": "dhcp server uuid",
"type": "string"
},
"discovers": {
"required": true,
"title": "The total number of DHCP DISCOVER packets",
"type": "integer"
},
"errors": {
"required": true,
"title": "The total number of DHCP errors",
"type": "integer"
},
"informs": {
"required": true,
"title": "The total number of DHCP INFORM packets",
"type": "integer"
},
"ip_pool_stats": {
"items": {
"$ref": "DhcpIpPoolUsage
},
"required": false,
"title": "The DHCP ip pool usage statistics",
"type": "array"
},
"nacks": {
"required": true,
"title": "The total number of DHCP NACK packets",
"type": "integer"
},
"offers": {
"required": true,
"title": "The total number of DHCP OFFER packets",
"type": "integer"
},
"releases": {
"required": true,
"title": "The total number of DHCP RELEASE packets",
"type": "integer"
},
"requests": {
"required": true,
"title": "The total number of DHCP REQUEST packets",
"type": "integer"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"required": true,
"title": "timestamp of the statistics"
}
},
"type": "object"
}
DhcpV4Options (type)
{
"additionalProperties": false,
"description": "DHCP options for IPv4 server.",
"id": "DhcpV4Options",
"module_id": "PolicyConnectivity",
"properties": {
"option121": {
"$ref": "DhcpOption121,
"description": "DHCP option 121 to define classless static routes.",
"required": false,
"title": "DHCP option 121"
},
"others": {
"description": "To define DHCP options other than option 121 in generic format. Please note, only the following options can be defined in generic format. Those other options will be accepted without validation but will not take effect. -------------------------- Code Name -------------------------- 2 Time Offset 6 Domain Name Server 13 Boot File Size 19 Forward On/Off 26 MTU Interface 28 Broadcast Address 35 ARP Timeout 40 NIS Domain 41 NIS Servers 42 NTP Servers 44 NETBIOS Name Srv 45 NETBIOS Dist Srv 46 NETBIOS Node Type 47 NETBIOS Scope 58 Renewal Time 59 Rebinding Time 64 NIS+-Domain-Name 65 NIS+-Server-Addr 66 TFTP Server-Name (used by PXE) 67 Bootfile-Name (used by PXE) 93 PXE: Client system architecture 94 PXE: Client NDI 97 PXE: UUID/UNDI 117 Name Service Search 119 Domain Search 150 TFTP server address (used by PXE) 175 Etherboot 209 PXE Configuration File 210 PXE Path Prefix 211 PXE Reboot Time",
"items": {
"$ref": "GenericDhcpOption
},
"maxItems": 255,
"minItems": 0,
"required": false,
"title": "Other DHCP options",
"type": "array"
}
},
"title": "DHCP options for IPv4 address family",
"type": "object"
}
DhcpV4StaticBindingConfig (type)
{
"additionalProperties": false,
"description": "DHCP IPv4 static bindings are configured for each segment.",
"extends": {
"$ref": "DhcpStaticBindingConfig
},
"id": "DhcpV4StaticBindingConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "DhcpV4StaticBindingConfig"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"gateway_address": {
"$ref": "IPv4Address,
"description": "When not specified, gateway address is auto-assigned from segment configuration.",
"title": "Gateway IP address"
},
"host_name": {
"description": "Hostname to assign to the host.",
"maxLength": 63,
"title": "Host name",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_address": {
"$ref": "IPv4Address,
"description": "IP assigned to host. The IP address must belong to the subnet, if any, configured on Segment.",
"required": true,
"title": "IP assigned to host"
},
"lease_time": {
"default": 86400,
"description": "DHCP lease time in seconds.",
"maximum": 4294967295,
"minimum": 60,
"title": "Lease time",
"type": "integer"
},
"mac_address": {
"$ref": "MACAddress,
"description": "MAC address of the host.",
"required": true,
"title": "MAC address of host"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"options": {
"$ref": "DhcpV4Options,
"description": "IPv4 DHCP options.",
"required": false,
"title": "DHCP options"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"enum": [
"DhcpV4StaticBindingConfig",
"DhcpV6StaticBindingConfig"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "DHCP static binding",
"type": "object"
}
DhcpV6StaticBindingConfig (type)
{
"additionalProperties": false,
"description": "DHCP IPv6 static bindings are configured for each segment.",
"extends": {
"$ref": "DhcpStaticBindingConfig
},
"id": "DhcpV6StaticBindingConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "DhcpV6StaticBindingConfig"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dns_nameservers": {
"description": "When not specified, no DNS nameserver will be set to client host.",
"items": {
"type": "string"
},
"maxItems": 2,
"minItems": 0,
"required": false,
"title": "DNS nameservers to be set to client host",
"type": "array"
},
"domain_names": {
"description": "When not specified, no domain name will be assigned to client host.",
"items": {
"type": "string"
},
"required": false,
"title": "Domain names to be assigned to client host",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_addresses": {
"description": "When not specified, no ip address will be assigned to client host.",
"items": {
"$ref": "IPv6Address
},
"maxItems": 1,
"minItems": 0,
"required": false,
"title": "IP addresses to be assigned to client host",
"type": "array"
},
"lease_time": {
"default": 86400,
"description": "Lease time, in seconds.",
"maximum": 4294967295,
"minimum": 60,
"required": false,
"title": "Lease time",
"type": "integer"
},
"mac_address": {
"$ref": "MACAddress,
"description": "The MAC address of the client host. Either client-duid or mac-address, but not both.",
"required": true,
"title": "MAC address"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"preferred_time": {
"description": "Preferred time, in seconds. If this value is not provided, the value of lease_time*0.8 will be used.",
"maximum": 4294967295,
"minimum": 48,
"required": false,
"title": "Preferred time",
"type": "integer"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"enum": [
"DhcpV4StaticBindingConfig",
"DhcpV6StaticBindingConfig"
],
"required": true,
"type": "string"
},
"sntp_servers": {
"description": "SNTP server IP addresses.",
"items": {
"$ref": "IPv6Address
},
"maxItems": 2,
"minItems": 0,
"required": false,
"title": "SNTP server ips",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "DHCP static binding",
"type": "object"
}
Dhcpv6Header (type)
{
"additionalProperties": false,
"id": "Dhcpv6Header",
"module_id": "Traceflow",
"properties": {
"msg_type": {
"default": "SOLICIT",
"description": "This is used to specify the DHCP v6 message. To request the assignment of one or more IPv6 addresses, a client first locates a DHCP server and then requests the assignment of addresses and other configuration information from the server. The client sends a Solicit message to the All_DHCP_Relay_Agents_and_Servers address to find available DHCP servers. Any server that can meet the client's requirements responds with an Advertise message. The client then chooses one of the servers and sends a Request message to the server asking for confirmed assignment of addresses and other configuration information. The server responds with a Reply message that contains the confirmed addresses and configuration. SOLICIT - A client sends a Solicit message to locate servers. ADVERTISE - A server sends and Advertise message to indicate that it is available. REQUEST - A client sends a Request message to request configuration parameters. REPLY - A server sends a Reply message containing assigned addresses and configuration parameters.",
"enum": [
"SOLICIT",
"ADVERTISE",
"REQUEST",
"REPLY"
],
"required": false,
"title": "DHCP message type",
"type": "string"
}
},
"type": "object"
}
DiscoveredNode (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DiscoveredResource
},
"id": "DiscoveredNode",
"module_id": "InventoryCmObj",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"certificate": {
"required": false,
"title": "Certificate of the discovered node",
"type": "string"
},
"cm_local_id": {
"readonly": true,
"required": true,
"title": "Local Id of the discovered node in the Compute Manager",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"readonly": true,
"required": true,
"title": "External id of the discovered node, ex. a mo-ref from VC",
"type": "string"
},
"hardware_id": {
"description": "Hardware Id is generated using system hardware info. It is used to retrieve fabric node of the esx.",
"readonly": true,
"required": false,
"title": "Hardware Id of the discovered node",
"type": "string"
},
"ip_addresses": {
"items": {
"$ref": "IPAddress
},
"readonly": true,
"required": true,
"title": "IP Addresses of the the discovered node.",
"type": "array"
},
"node_type": {
"readonly": true,
"required": true,
"title": "Discovered Node type like Host",
"type": "string"
},
"origin_id": {
"readonly": true,
"required": true,
"title": "Id of the compute manager from where this node was discovered",
"type": "string"
},
"origin_properties": {
"items": {
"$ref": "KeyValuePair
},
"readonly": true,
"required": false,
"title": "Key-Value map of additional specific properties of discovered\nnode in the Compute Manager\n",
"type": "array"
},
"os_type": {
"readonly": true,
"required": false,
"title": "OS type of the discovered node",
"type": "string"
},
"os_version": {
"readonly": true,
"required": false,
"title": "OS version of the discovered node",
"type": "string"
},
"parent_compute_collection": {
"readonly": true,
"required": false,
"title": "External id of the compute collection to which this node belongs",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"stateless": {
"description": "The stateless property describes whether host persists its state across reboot or not. If state persists, value is set as false otherwise true.",
"readonly": true,
"required": false,
"title": "Specifies whether host is stateless",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
DiscoveredResource (type)
{
"abstract": true,
"extends": {
"$ref": "Resource
},
"id": "DiscoveredResource",
"module_id": "Common",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Base class for resources that are discovered and automatically updated",
"type": "object"
}
DiscoveredResourceScope (type)
{
"id": "DiscoveredResourceScope",
"module_id": "Common",
"properties": {
"scope_id": {
"description": "Specifies the scope id of discovered resource.",
"required": false,
"title": "Scope Id of scope for discovered resource",
"type": "string"
},
"scope_type": {
"description": "Type of the scope for the discovered resource.",
"enum": [
"CONTAINER_CLUSTER"
],
"required": false,
"title": "Type of scope",
"type": "string"
}
},
"title": "Scope of discovered resource",
"type": "object"
}
DiscoveryProfileBindingMap (type)
{
"abstract": true,
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "DiscoveryProfileBindingMap",
"module_id": "PolicyDiscoveryProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Base Discovery Profile Binding Map",
"type": "object"
}
DiskProvisioning (type)
{
"additionalProperties": false,
"description": "Disk provisioning type for deploying VM.",
"enum": [
"THIN",
"LAZY_ZEROED_THICK",
"EAGER_ZEROED_THICK"
],
"id": "DiskProvisioning",
"module_id": "HostPrepServiceFabric",
"required": true,
"title": "Disk provisioning type",
"type": "string"
}
DistributedFloodProtectionProfile (type)
{
"additionalProperties": false,
"extends": {
"$ref": "FloodProtectionProfile
},
"id": "DistributedFloodProtectionProfile",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"type-identifier": "DistributedFloodProtectionProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_rst_spoofing": {
"default": false,
"description": "If set to true, rst spoofing will be enabled. Flag is used only for distributed firewall profiles.",
"readonly": false,
"title": "Flag to indicate rst spoofing is enabled",
"type": "boolean"
},
"enable_syncache": {
"default": false,
"description": "If set to true, sync cache will be enabled. Flag is used only for distributed firewall profiles.",
"readonly": false,
"title": "Flag to indicate syncache is enabled",
"type": "boolean"
},
"icmp_active_flow_limit": {
"description": "If this field is empty, firewall will not set a limit to active ICMP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Active ICMP connections limit",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"other_active_conn_limit": {
"description": "If this field is empty, firewall will not set a limit to other active connections. besides UDP, ICMP and half open TCP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Timeout after first TN",
"type": "integer"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"$ref": "FloodProtectionProfileResourceType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_half_open_conn_limit": {
"description": "If this field is empty, firewall will not set a limit to half open TCP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Active half open TCP connections limit",
"type": "integer"
},
"udp_active_flow_limit": {
"description": "If this field is empty, firewall will not set a limit to active UDP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Active UDP connections limit",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"type": "object"
}
DistributedVirtualPortgroup (type)
{
"additionalProperties": false,
"extends": {
"$ref": "VirtualPortgroup
},
"id": "DistributedVirtualPortgroup",
"module_id": "InventoryCmObj",
"polymorphic-type-descriptor": {
"type-identifier": "DistributedVirtualPortgroup"
},
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"backing_type": {
"description": "For distributed virtual portgroup, backing type is standard. For logical switch portgroup, the backing type is set to nsx.",
"readonly": false,
"title": "Backing type for portgroup",
"type": "string"
},
"cm_local_id": {
"description": "Id of the portgroup, eg. a mo-ref from VC.",
"readonly": true,
"required": false,
"title": "Id of the portgroup in compute manager",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"readonly": true,
"required": true,
"title": "External id of the virtual portgroup",
"type": "string"
},
"key": {
"readonly": false,
"title": "Generated UUID of the portgroup",
"type": "string"
},
"origin_type": {
"readonly": true,
"required": false,
"title": "Portgroup type like DistributedVirtualPortgroup",
"type": "string"
},
"overall_status": {
"description": "This parameters reflects the managed entity status of the portgroup as reported by VC.",
"enum": [
"RED",
"YELLOW",
"GREEN",
"GRAY"
],
"readonly": true,
"required": false,
"title": "General status of the virtual portgroup",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Distributed virtual portgroup on a VC",
"type": "object"
}
DistributedVirtualSwitch (type)
{
"additionalProperties": false,
"extends": {
"$ref": "VirtualSwitch
},
"id": "DistributedVirtualSwitch",
"module_id": "InventoryCmObj",
"polymorphic-type-descriptor": {
"type-identifier": "DistributedVirtualSwitch"
},
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cm_local_id": {
"readonly": true,
"required": false,
"title": "ID of the virtual switch in compute manager",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"discovered_nodes": {
"description": "Array of discovered nodes connected to this switch.",
"items": {
"$ref": "DiscoveredNode
},
"readonly": true,
"required": false,
"title": "Array of discovered nodes connected",
"type": "array"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"readonly": true,
"required": true,
"title": "External id of the virtual switch",
"type": "string"
},
"lacp_group_configs": {
"description": "It contains information about VMware specific multiple dynamic LACP groups.",
"items": {
"$ref": "LacpGroupConfigInfo
},
"readonly": false,
"required": false,
"title": "Array of Link Aggregation Control Protocol (LACP) configuration",
"type": "array"
},
"origin_id": {
"description": "ID of the compute manager where this virtual switch is discovered.",
"readonly": true,
"required": false,
"title": "ID of the compute manager",
"type": "string"
},
"origin_properties": {
"items": {
"$ref": "KeyValuePair
},
"readonly": true,
"required": false,
"title": "Key-Value map of additional properties of switch",
"type": "array"
},
"origin_type": {
"readonly": true,
"required": false,
"title": "Switch type like VmwareDistributedVirtualSwitch",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"uplink_port_names": {
"description": "The uniform name of uplink ports on each host.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Uplink port names",
"type": "array"
},
"uplink_portgroup": {
"$ref": "DistributedVirtualPortgroup,
"readonly": true,
"required": false,
"title": "Uplink portgroup of distributed virtual switch"
},
"uuid": {
"readonly": true,
"required": false,
"title": "UUID of the switch",
"type": "string"
}
},
"title": "DistributedVirtualSwitch on a VC",
"type": "object"
}
DnsHeader (type)
{
"additionalProperties": false,
"id": "DnsHeader",
"module_id": "Traceflow",
"properties": {
"address": {
"description": "This is used to define what is being asked or responded.",
"format": "hostname-or-ip",
"required": false,
"title": "Domain name/IP to query/response",
"type": "string"
},
"address_type": {
"default": "V4",
"description": "This is used to specify the type of the address. V4 - The address provided is an IPv4 domain name/IP address, the Type in query or response will be A V6 - The address provided is an IPv6 domain name/IP address, the Type in query or response will be AAAA",
"enum": [
"V4",
"V6"
],
"required": false,
"title": null,
"type": "string"
},
"message_type": {
"default": "QUERY",
"enum": [
"QUERY",
"RESPONSE"
],
"required": false,
"title": "Specifies the message type whether it is a query or a response.",
"type": "string"
}
},
"type": "object"
}
DnsNameString (type)
{
"description": "DNS name string in the \"preferred name syntax\", as specified by Section 3.5 of [RFC1034] and as modified by Section 2.1 of [RFC1123].",
"format": "hostname",
"id": "DnsNameString",
"maxLength": 200,
"module_id": "CertificateManager",
"title": "An IA5String instance for DNS Name",
"type": "string"
}
DnsSecurityProfile (type)
{
"additionalProperties": false,
"description": "Used to configure DNS security profile",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "DnsSecurityProfile",
"module_id": "PolicyProfile",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"ttl": {
"default": 86400,
"description": "Time to live for DNS cache entry in seconds. Valid TTL values are between 3600 to 864000. However, this field accepts values between 0 through 864000. We define TTL type based on the value of TTL as follows: TTL 0 - cached entry never expires. TTL 1 to 3599 - invalid input and error is thrown TTL 3600 to 864000 - ttl is set to user input TTL field not set by user - TTL type is 'AUTO' and ttl value is set from DNS response packet. User defined TTL value is used only when it is betweeen 3600 to 864000.",
"maximum": 864000,
"minimum": 0,
"required": false,
"title": "Time to live for DNS cache entry",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "DNS security profile",
"type": "object"
}
DnsSecurityProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between DNS security profile and Group. With this entity, user can specify intent for applying DNS security profile profile to particular Group.",
"extends": {
"$ref": "ProfileBindingMap
},
"id": "DnsSecurityProfileBindingMap",
"module_id": "PolicyFirewallDnsSecurityProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profile_path": {
"description": "PolicyPath of associated Profile",
"required": true,
"title": "Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GroupDiscoveryProfileBindingMap"
],
"relationshipType": "GROUP_BINDINGMAP_IPDISCOVERY_PROFILE_RELATIONSHIP",
"rightType": [
"IPDiscoveryProfile"
]
},
{
"leftType": [
"PolicyFirewallFloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"FloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"PolicyFirewallCPUMemThresholdsProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FirewallCPUMemoryThresholdsProfile"
]
},
{
"leftType": [
"SessionTimerProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyFirewallSessionTimerProfile"
]
},
{
"leftType": [
"DnsSecurityProfileBindingMap"
],
"relationshipType": "DNS_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"DnsSecurityProfile"
]
},
{
"leftType": [
"GeneralSecurityProfileBindingMap"
],
"relationshipType": "GATEWAY_GENERAL_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"GeneralSecurityProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sequence_number": {
"description": "Sequence number used to resolve conflicts betweeen two profiles applied on the same group. Lower sequence number takes higher precedence. Two binding maps applied to the same profile must have the same sequence number. User defined sequence numbers range from 1 through 100,000. System defined sequence numbers range from 100,001 through 200,000.",
"maximum": 100000,
"minimum": 1,
"requried": true,
"title": "Sequence number DNS Security Profile Binding Map",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Binding Map for DNS Security Profile",
"type": "object"
}
DnsSecurityProfileBindingMapListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "DnsSecurityProfileBindingMapListRequestParameters",
"module_id": "PolicyFirewallDnsSecurityProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "DNS Security Profile Binding Map List Request Parameters",
"type": "object"
}
DnsSecurityProfileBindingMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "DnsSecurityProfileBindingMapListResult",
"module_id": "PolicyFirewallDnsSecurityProfileBinding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DnsSecurityProfileBindingMap
},
"requried": true,
"title": "DNS Security Profile Binding Map List Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of DNS Security Profile Binding Map",
"type": "object"
}
DnsSecurityProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "DnsSecurityProfileListResult",
"module_id": "PolicyProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "DnsSecurityProfile
},
"required": true,
"title": "DnsSecurityProfile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of DnsSecurityProfile",
"type": "object"
}
Domain (type)
{
"additionalProperties": false,
"description": "Domain.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Domain",
"module_id": "Policy",
"policy_hierarchical_children": [
"ChildDomainDeploymentMap",
"ChildForwardingPolicy",
"ChildGatewayPolicy",
"ChildGroup",
"ChildSecurityPolicy"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Domain",
"type": "object"
}
DomainDeploymentMap (type)
{
"additionalProperties": false,
"description": "Binding of domain to the enforcement point.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "DomainDeploymentMap",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enforcement_point_path": {
"description": "Path of enforcement point on which domain shall be enforced.",
"required": true,
"title": "Absolute path of enforcement point",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"DomainDeploymentMap"
],
"relationshipType": "DEPLOYMENT_MAP_ENFORCEMENT_POINT_RELATIONSHIP",
"rightType": [
"EnforcementPoint"
]
}
]
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Domain Deployment Map",
"type": "object"
}
DomainDeploymentMapListRequestParameters (type)
{
"additionalProperties": false,
"description": "Domain Deployment Map list request parameters.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "DomainDeploymentMapListRequestParameters",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Domain Deployment Map List Request Parameters",
"type": "object"
}
DomainDeploymentMapListResult (type)
{
"additionalProperties": false,
"description": "Paged collection of Domain Deployment Map.",
"extends": {
"$ref": "ListResult
},
"id": "DomainDeploymentMapListResult",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Domain Deployment Map list result.",
"items": {
"$ref": "DomainDeploymentMap
},
"required": true,
"title": "Domain Deployment Map List Result",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Domain Deployment Map",
"type": "object"
}
DomainListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "DomainListRequestParameters",
"module_id": "Policy",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Domain list request parameters",
"type": "object"
}
DomainListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "DomainListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Domain
},
"required": true,
"title": "Domain list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Domains",
"type": "object"
}
DonutConfiguration (type)
{
"additionalProperties": false,
"description": "Represents configuration of a Donut",
"extends": {
"$ref": "WidgetConfiguration
},
"id": "DonutConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "DonutConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"count": {
"description": "Expression to retrieve count to be shown on Donut.",
"title": "Expression to retrieve count to be shown on Donut",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_count": {
"default": true,
"description": "If true, displays the count of entities in the donut",
"title": "Show or hide the count of entities",
"type": "boolean"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"feature_set": {
"$ref": "FeatureSet,
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"label": {
"$ref": "Label,
"description": "Displayed at the middle of the donut, by default. It labels the entities of donut.",
"title": "Label of the Donut Configuration"
},
"legend": {
"$ref": "Legend,
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"navigation": {
"description": "Hyperlink of the specified UI page that provides details.",
"maxLength": 1024,
"title": "Navigation to a specified UI page",
"type": "string"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"sections": {
"decription": "High level logical grouping of portions or segments of donut.",
"items": {
"$ref": "DonutSection
},
"minItems": 1,
"required": true,
"title": "Sections",
"type": "array"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
}
},
"title": "Donut Configuration",
"type": "object"
}
DonutPart (type)
{
"additionalProperties": false,
"description": "Represents an entity or portion to be plotted on a donut or stats chart.",
"id": "DonutPart",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"condition": {
"description": "If the condition is met then the part will be displayed. Examples of expression syntax are provided under 'example_request' section of 'CreateWidgetConfiguration' API.",
"title": "Expression for evaluating condition",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"title": "Id of drilldown widget",
"type": "string"
},
"field": {
"description": "A numerical value that represents the portion or entity of the donut or stats chart.",
"maxLength": 1024,
"required": true,
"title": "Value of the portion or entity of donut or stats chart",
"type": "string"
},
"hide_empty_legend": {
"default": false,
"description": "If true, legend will be shown only if the data for the part is available. This is applicable only if legends are specified in widget configuration.",
"title": "Hide the legend if the data for the part is not available",
"type": "boolean"
},
"label": {
"$ref": "Label,
"description": "If a section 'template' holds this donut or stats part, then the label is auto-generated from the fetched field values after applying the template.",
"title": "Label of the portion or entity of donut or stats chart"
},
"navigation": {
"description": "Hyperlink of the specified UI page that provides details. If drilldown_id is provided, then navigation cannot be used.",
"title": "Navigation to a specified UI page",
"type": "string"
},
"render_configuration": {
"description": "Additional rendering or conditional evaluation of the field values to be performed, if any.",
"items": {
"$ref": "RenderConfiguration
},
"minItems": 0,
"title": "Render Configuration",
"type": "array"
},
"tooltip": {
"description": "Multi-line text to be shown on tooltip while hovering over the portion.",
"items": {
"$ref": "Tooltip
},
"minItems": 0,
"title": "Multi-line tooltip",
"type": "array"
}
},
"title": "Portion of a donut or stats chart",
"type": "object"
}
DonutSection (type)
{
"additionalProperties": false,
"description": "Represents high level logical grouping of portions or segments of a donut / stats chart.",
"id": "DonutSection",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"parts": {
"description": "Array of portions or parts of the donut or stats chart.",
"items": {
"$ref": "DonutPart
},
"minItems": 1,
"required": true,
"title": "Parts of a donut / stats chart",
"type": "array"
},
"row_list_field": {
"description": "Field of the root of the api result set for forming parts.",
"maxLength": 1024,
"title": "Field from which parts of the donut or stats chart are formed",
"type": "string"
},
"template": {
"default": false,
"description": "If true, the section will be appled as template for forming parts. Only one part will be formed from each element of 'row_list_field'.",
"title": "Template, if any, for automatically forming the donut or stats parts",
"type": "boolean"
}
},
"title": "Section of a donut or stats chart",
"type": "object"
}
DropdownFilterPlotConfiguration (type)
{
"additionalProperties": false,
"description": "Dropdown Filter plotting configuration.",
"extends": {
"$ref": "WidgetPlotConfiguration
},
"id": "DropdownFilterPlotConfiguration",
"module_id": "NsxDashboard",
"properties": {
"allow_maximize": {
"description": "Allow maximize capability for this widget",
"title": "Allow maximize capability for this widget",
"type": "boolean"
},
"allow_search": {
"default": false,
"description": "Allow search on drop down filter.",
"title": "Allow search on drop down filter",
"type": "boolean"
},
"condition": {
"description": "If the condition is met then the given chart config is applied to the widget configuration.",
"maxLength": 1024,
"title": "Expression for evaluating condition for this chart config",
"type": "string"
}
},
"title": "Dropdown Filtert plotting configuration",
"type": "object"
}
DropdownFilterWidgetConfiguration (type)
{
"additionalProperties": false,
"description": "Represents configuration for dropdown filter widget.",
"extends": {
"$ref": "FilterWidgetConfiguration
},
"id": "DropdownFilterWidgetConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "DropdownFilterWidgetConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alias": {
"description": "Alias to be used when emitting filter value.",
"title": "Alias to be used when emitting filter value",
"type": "string"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"default_value": {
"description": "Expression to specify default value of filter.",
"title": "Expression to specify default value",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"dropdown_filter_plot_config": {
"$ref": "DropdownFilterPlotConfiguration,
"description": "Dropdown filter plotting configuration. This plotting configuration will be applicable for the Dropdown filter only.",
"required": false,
"title": "Dropdown filter plotting configuration"
},
"dropdown_item": {
"$ref": "DropdownItem,
"description": "Defines the item of a dropdown.",
"required": false,
"title": "Definition for item of a dropdown"
},
"feature_set": {
"$ref": "FeatureSet,
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"legend": {
"$ref": "Legend,
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"placeholder_msg": {
"description": "Placeholder message to be displayed in dropdown filter.",
"title": "Placeholder message to be shown in filter",
"type": "string"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"static_filter_condition": {
"description": "If the condition is met then the static filter will be added. If no condition is provided, then the static filters will be applied unconditionally.",
"title": "Expression for evaluating condition",
"type": "string"
},
"static_filters": {
"description": "Additional static items to be added in dropdown filter. Example can be 'ALL'.",
"items": {
"$ref": "StaticFilter
},
"title": "Additional static items to be added in dropdown filter",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
}
},
"title": "Dropdown Filter widget Configuration",
"type": "object"
}
DropdownItem (type)
{
"additionalProperties": false,
"id": "DropdownItem",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"additional_value": {
"description": "An additional key-value pair for item to be display in dropdown.",
"required": false,
"title": "An additional value for item to be display in dropdown.",
"type": "object"
},
"display_name": {
"description": "expression to extract display name to be shown in the drop down.",
"maxLength": 1024,
"title": "Display name for item to be displayed in dropdown",
"type": "string"
},
"field": {
"description": "An expression that represents the items of the dropdown filter.",
"required": true,
"title": "Expression for dropdown items of filter",
"type": "string"
},
"short_display_name": {
"description": "Property value is shown in the drop down input box for a filter. If the value is not provided 'display_name' property value is used.",
"maxLength": 1024,
"title": "A property value to be shown once value is selected for a filter.",
"type": "string"
},
"value": {
"description": "Value of filter inside dropdown filter.",
"required": true,
"title": "Value for item to be displayed in dropdown",
"type": "string"
}
},
"title": "Dropdown item definition",
"type": "object"
}
DscpBit (type)
{
"additionalProperties": false,
"desceiption": "To define the Dscp bit in Global In-band network telemetry configuration.\n",
"extends": {
"$ref": "DscpIndicator
},
"id": "DscpBit",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "DSCP_BIT"
},
"properties": {
"dscp_bit": {
"description": "A DSCP bit is allocated to indicate the existence of INT header. It takes effect only when the INT indicator mode is DSCP_BIT. The user should guarantee that the given DSCP bit is specifically allocated for INT.",
"maximum": 5,
"minimum": 0,
"required": true,
"title": "DSCP bit for indicating the existence of INT header.",
"type": "int"
},
"indicator_type": {
"enum": [
"DSCP_BIT",
"DSCP_VALUE"
],
"required": true,
"title": "The method for indicating the existence of INT header.",
"type": "string"
}
},
"title": "Dscp bit config",
"type": "object"
}
DscpIndicator (type)
{
"abstract": true,
"additionalProperties": false,
"description": "The DscpIndicator is the base class for global In-band network telemetry configurations for different types in a NSX domain.",
"id": "DscpIndicator",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "indicator_type"
},
"properties": {
"indicator_type": {
"enum": [
"DSCP_BIT",
"DSCP_VALUE"
],
"required": true,
"title": "The method for indicating the existence of INT header.",
"type": "string"
}
},
"title": "Abstract base type for Global In-band network telemetry configuration",
"type": "object"
}
DscpTrustMode (type)
{
"default": "TRUSTED",
"description": "When you select the Trusted mode the inner header DSCP value is applied to the outer IP header for IP/IPv6 traffic. For non IP/IPv6 traffic, the outer IP header takes the default value.Untrusted mode is supported on overlay-based and VLAN-based logical port.",
"enum": [
"TRUSTED",
"UNTRUSTED"
],
"id": "DscpTrustMode",
"module_id": "PolicyQoS",
"title": "Trust settings",
"type": "string"
}
DscpValue (type)
{
"additionalProperties": false,
"desceiption": "To define the Dscp value in Global In-band network telemetry configuration.\n",
"extends": {
"$ref": "DscpIndicator
},
"id": "DscpValue",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "DSCP_VALUE"
},
"properties": {
"dscp_value": {
"description": "A DSCP value is allocated to indicate the existence of INT header. It takes effects only when the INT indicator mode is DSCP_VALUE. The user should guarantee that the given DSCP value is specifically allocated for INT.",
"maximum": 63,
"minimum": 1,
"required": true,
"title": "DSCP value for indicating the existence of INT header.",
"type": "int"
},
"indicator_type": {
"enum": [
"DSCP_BIT",
"DSCP_VALUE"
],
"required": true,
"title": "The method for indicating the existence of INT header.",
"type": "string"
}
},
"title": "Dscp bit config",
"type": "object"
}
DuplicateAddressBindingEntry (type) (Deprecated)
{
"deprecated": true,
"extends": {
"$ref": "AddressBindingEntry
},
"id": "DuplicateAddressBindingEntry",
"module_id": "LogicalPort",
"properties": {
"binding": {
"$ref": "PacketAddressClassifier,
"title": "Combination of IP-MAC-VLAN binding"
},
"binding_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp at which the binding was discovered via snooping or manually specified by the user",
"title": "Timestamp of binding"
},
"conflicting_port": {
"description": "Provides the ID of the port on which the same address bidning exists",
"required": false,
"title": "ID of logical port with the same address binding",
"type": "string"
},
"source": {
"$ref": "AddressBindingSource,
"default": "UNKNOWN",
"description": "Source from which the address binding entry was obtained",
"title": "Address binding source"
}
},
"title": "Duplicate address binding information",
"type": "object"
}
DuplicateIPDetectionOptions (type)
{
"additionalProperties": false,
"description": "Contains dupliacte IP detection related discovery options.",
"id": "DuplicateIPDetectionOptions",
"module_id": "PolicyIpDiscovery",
"properties": {
"duplicate_ip_detection_enabled": {
"default": false,
"description": "Indicates whether duplicate IP detection should be enabled",
"required": false,
"title": "Duplicate IP detection",
"type": "boolean"
}
},
"title": "Controls duplicate IP detection options",
"type": "object"
}
DynamicContentFilterQueryParameter (type)
{
"additionalProperties": false,
"id": "DynamicContentFilterQueryParameter",
"properties": {
"scope": {
"enum": [
"NAPP"
],
"title": "Restrict scope of dynamic content filters to report",
"type": "string"
}
},
"type": "object"
}
DynamicContentFilterValue (type)
{
"id": "DynamicContentFilterValue",
"title": "Support bundle dynamic content filter allowed values, for example, NAPP:SERVICE:PLATFORM_SERVICES",
"type": "string"
}
DynamicContentFilters (type)
{
"additionalProperties": false,
"id": "DynamicContentFilters",
"properties": {
"dynamic_content_filters": {
"description": "These filter values will be set by the remote node like the NSX Intelligence Platform for instance. We would not need to know or act on these dynamic content filters, except for passing them on as request parameters along with the support bundle collection API.",
"items": {
"$ref": "DynamicContentFilterValue
},
"title": "Support bundle content filter allowed values",
"type": "array"
}
},
"type": "object"
}
EPActionForDnsForwarderRequestParameters (type)
{
"id": "EPActionForDnsForwarderRequestParameters",
"module_id": "PolicyDnsForwarder",
"properties": {
"action": {
"description": "The valid DNS forwarder actions to be performed on EP are, - clear_cache: Clear the current cache of the dns forwarder from specified enforcement point.",
"enum": [
"clear_cache"
],
"required": true,
"title": "An action to be performed for DNS forwarder on EP",
"type": "string"
},
"enforcement_point_path": {
"default": "/infra/sites/default/enforcement-points/default",
"description": "An enforcement point path, on which the action is to be performed. If not specified, default enforcement point path, /infra/sites/default/enforcement-points/default will be considered.",
"required": false,
"title": "An enforcement point path, on which the action is to be performed",
"type": "string"
}
},
"type": "object"
}
EULAAcceptance (type)
{
"additionalProperties": false,
"description": "Indicate the status of End User License Agreement acceptance",
"extends": {
"$ref": "ManagedResource
},
"id": "EULAAcceptance",
"module_id": "EULA",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"acceptance": {
"description": "Acceptance status of End User License Agreement",
"required": true,
"title": "End User License Agreement acceptance status",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "EULA acceptance status",
"type": "object"
}
EULAContent (type)
{
"additionalProperties": false,
"description": "End User License Agreement content",
"extends": {
"$ref": "ManagedResource
},
"id": "EULAContent",
"module_id": "EULA",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"content": {
"description": "Content of End User License Agreement",
"required": true,
"sensitive": true,
"title": "End User License Agreement content",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "EULA content",
"type": "object"
}
EULAOutputFormatRequestParameters (type)
{
"additionalProperties": false,
"description": "Indicate output format of End User License Agreement content",
"extends": {
"$ref": "ListRequestParameters
},
"id": "EULAOutputFormatRequestParameters",
"module_id": "EULA",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"value_format": {
"title": "End User License Agreement content output format",
"type": "string"
}
},
"type": "object"
}
EdgeClusterNodeType (type)
{
"enum": [
"EDGE_NODE",
"PUBLIC_CLOUD_GATEWAY_NODE",
"UNKNOWN"
],
"id": "EdgeClusterNodeType",
"module_id": "EdgeCommonTypes",
"title": "Supported edge cluster node type.",
"type": "string"
}
EdgeConfigurationState (type)
{
"additionalProperties": false,
"description": "This contains fields that captures state of Trackable entities. Edge and VPN state entities extend this object.",
"extends": {
"$ref": "ConfigurationState
},
"id": "EdgeConfigurationState",
"module_id": "LogicalRouter",
"properties": {
"details": {
"items": {
"$ref": "ConfigurationStateElement
},
"readonly": true,
"required": false,
"title": "Array of configuration state of various sub systems",
"type": "array"
},
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"pending_change_list": {
"description": "Request identifier of the API which modified the entity.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of pending changes",
"type": "array"
},
"state": {
"description": "Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. \"in_sync\" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to \"success\". Please note, failed state is deprecated.",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error",
"in_sync",
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"EDGE_CONFIG_ERROR",
"VM_DEPLOYMENT_RESTARTED",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"TRANSPORT_NODE_READY",
"VM_NETWORK_EDIT_PENDING",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"REGISTRATION_TIMEDOUT",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"VM_RESOURCE_RESERVATION_FAILED",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"DELETE_IN_PROGRESS"
],
"readonly": true,
"required": true,
"title": "Overall state of desired configuration",
"type": "string"
}
},
"title": "Configuration State for Edge and VPN entities.",
"type": "object"
}
EdgeTransportNodeDatapathMemoryPoolUsage (type)
{
"additionalProperties": false,
"description": "Datapath memory pool usage value.",
"id": "EdgeTransportNodeDatapathMemoryPoolUsage",
"module_id": "ApplianceStats",
"properties": {
"description": {
"description": "Description of the memory pool.",
"readonly": true,
"title": "Description of the memory pool",
"type": "string"
},
"name": {
"description": "Name of the datapath memory pool as available on edge node CLI.",
"readonly": true,
"title": "Name of the datapath memory pool",
"type": "string"
},
"usage": {
"description": "Percentage of memory pool in use.",
"readonly": true,
"title": "Percentage of memory pool in use",
"type": "number"
}
},
"title": "Usage of datapath memory pool",
"type": "object"
}
EdgeTransportNodeDatapathMemoryUsage (type)
{
"additionalProperties": false,
"description": "Detailed view of the datapath memory usage. Details out the heap and per memory pool point in time usage.",
"id": "EdgeTransportNodeDatapathMemoryUsage",
"module_id": "ApplianceStats",
"properties": {
"datapath_heap_usage": {
"description": "Percentage of heap memory in use.",
"readonly": true,
"title": "Percentage of heap memory in use",
"type": "number"
},
"datapath_mem_pools_usage": {
"items": {
"$ref": "EdgeTransportNodeDatapathMemoryPoolUsage,
"description": "Per memory pool percentage in use.",
"readonly": true,
"title": "Per memory pool percentage in use"
},
"type": "array"
},
"highest_datapath_mem_pool_usage": {
"description": "Highest percentage usage value among datapath memory pools.",
"readonly": true,
"title": "Highest percentage usage value among datapath memory pools",
"type": "number"
},
"highest_datapath_mem_pool_usage_names": {
"items": {
"description": "List of datapath memory pool(s) with highest usage.",
"readonly": true,
"title": "Datapath memory pool(s) with highest usage",
"type": "string"
},
"type": "array"
}
},
"title": "Detailed view of the datapath memory usage. Details out the heap and per memory pool usage",
"type": "object"
}
EdgeTransportNodeMemoryUsage (type)
{
"additionalProperties": false,
"description": "Point in time usage of system, datapath, swap and cache memory in edge node.",
"id": "EdgeTransportNodeMemoryUsage",
"module_id": "ApplianceStats",
"properties": {
"cache_usage": {
"description": "Percentage of RAM on the system that can be flushed out to disk.",
"readonly": true,
"title": "Percentage of RAM on the system that can be flushed out to disk",
"type": "number"
},
"datapath_mem_usage_details": {
"$ref": "EdgeTransportNodeDatapathMemoryUsage,
"description": "Detailed view of the datapath memory usage. Details out the heap and per memory pool point in time usage.",
"readonly": true,
"title": "Detailed view of the datapath memory usage. Details out the heap and per memory pool usage"
},
"datapath_total_usage": {
"description": "Percentage of memory in use by datapath processes which includes RES and hugepage memory.",
"readonly": true,
"title": "Percentage of memory in use by datapath processes",
"type": "number"
},
"swap_usage": {
"description": "Percentage of swap disk in use.",
"readonly": true,
"title": "Percentage of swap disk in use",
"type": "number"
},
"system_mem_usage": {
"description": "Percentage of RAM in use on edge node.",
"readonly": true,
"title": "Percentage of RAM in use on edge node",
"type": "number"
}
},
"title": "Memory usage details of edge node",
"type": "object"
}
EdgeUpgradeStatus (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ComponentUpgradeStatus
},
"id": "EdgeUpgradeStatus",
"module_id": "Upgrade",
"properties": {
"can_rollback": {
"description": "This field indicates whether we can perform upgrade rollback.",
"readonly": true,
"required": false,
"title": "Can perform rollback",
"type": "boolean"
},
"can_skip": {
"readonly": true,
"required": false,
"title": "Can the upgrade of the remaining units in this component be skipped",
"type": "boolean"
},
"component_type": {
"readonly": true,
"required": false,
"title": "Component type for the upgrade status",
"type": "string"
},
"current_version_node_summary": {
"$ref": "NodeSummaryList,
"readonly": true,
"required": false,
"title": "Mapping of current versions of nodes and counts of nodes at the respective versions."
},
"details": {
"readonly": true,
"required": false,
"title": "Details about the upgrade status",
"type": "string"
},
"node_count_at_target_version": {
"description": "Number of nodes of the type and at the component version",
"readonly": true,
"required": false,
"title": "Count of nodes at target component version",
"type": "int"
},
"percent_complete": {
"readonly": true,
"required": true,
"title": "Indicator of upgrade progress in percentage",
"type": "number"
},
"pre_upgrade_status": {
"$ref": "UpgradeChecksExecutionStatus,
"readonly": true,
"required": false,
"title": "Pre-upgrade status of the component-type"
},
"status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSING",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Upgrade status of component",
"type": "string"
},
"target_component_version": {
"readonly": true,
"required": false,
"title": "Target component version",
"type": "string"
}
},
"title": "Status of edge upgrade",
"type": "object"
}
EffectiveIPInfo (type)
{
"additionalProperties": false,
"id": "EffectiveIPInfo",
"module_id": "GroupingObjectsProviders",
"properties": {
"effective_ips": {
"items": {
"$ref": "IPElement
},
"required": true,
"type": "array"
},
"site_id": {
"required": true,
"title": "Id of the site to which the effective IPs belong to\n",
"type": "string"
}
},
"title": "List of effective ip address along with site id",
"type": "object"
}
EgressRateLimiter (type)
{
"extends": {
"$ref": "QoSBaseRateLimiter
},
"id": "EgressRateLimiter",
"module_id": "PolicyQoS",
"polymorphic-type-descriptor": {
"type-identifier": "EgressRateLimiter"
},
"properties": {
"average_bandwidth": {
"default": 0,
"descrption": "Set custom average_bandwidth for the inbound network traffic\nfrom the VM to the logical network based on broadcast.\n",
"minimum": 0,
"title": "Average bandwidth in Mb/s",
"type": "int"
},
"burst_size": {
"default": 0,
"descrption": "Set custom burst_size for the inbound network traffic\nfrom the VM to the logical network based on broadcast.\n",
"minimum": 0,
"title": "Burst size in bytes",
"type": "int"
},
"enabled": {
"required": true,
"type": "boolean"
},
"peak_bandwidth": {
"default": 0,
"descrption": "Set custom peak_bandwidth for the inbound network traffic\nfrom the VM to the logical network based on broadcast.\n",
"minimum": 0,
"title": "Peak bandwidth in Mb/s",
"type": "int"
},
"resource_type": {
"default": "IngressRateLimiter",
"description": "Type rate limiter",
"enum": [
"IngressRateLimiter",
"IngressBroadcastRateLimiter",
"EgressRateLimiter"
],
"required": true,
"type": "string"
}
},
"title": "A shaper that specifies egress rate properties in Mb/s",
"type": "object"
}
EndpointPolicy (type)
{
"additionalProperties": false,
"description": "Ordered list of Endpoint Rules ordered by sequence number of the entries. The maximum number of policies is 25.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "EndpointPolicy",
"module_id": "PolicyGuestIntrospection",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"endpoint_rules": {
"items": {
"$ref": "EndpointRule
},
"required": false,
"title": "Endpoint Rules that are a part of this EndpointPolicy",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sequence_number": {
"default": 0,
"description": "This field is used to resolve conflicts between maps across domains.",
"maximum": 499,
"minimum": 0,
"required": false,
"title": "Precedence to resolve conflicts across Domains",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Contains ordered list of Endpoint Rules\n",
"type": "object"
}
EndpointRule (type)
{
"additionalProperties": false,
"description": "Endpoint Rule comes from user configuration. User configures Endpoint Rule to specify what services are applied on the groups.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "EndpointRule",
"module_id": "PolicyGuestIntrospection",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 50,
"required": true,
"title": "group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"EndpointRule"
],
"relationshipType": "GI_ENTRY_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
}
]
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sequence_number": {
"default": 0,
"description": "This field is used to resolve conflicts between multiple entries under EndpointPolicy. It will be system default value when not specified by user.",
"maximum": 499,
"minimum": 0,
"required": false,
"title": "Sequence number of this Entry",
"type": "int"
},
"service_profiles": {
"description": "The policy paths of service profiles are listed here. It pecifies what services are applied on the group. Currently only one is allowed.",
"items": {
"type": "string"
},
"maxItems": 1,
"required": true,
"title": "Names of service profiles",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"EndpointRule"
],
"relationshipType": "GI_ENTRY_SERVICE_RELATIONSHIP",
"rightType": [
"PolicyServiceProfile"
]
}
]
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Endpoint Rule for guest introspection.",
"type": "object"
}
EnforcedStatusDetailsNsxT (type)
{
"additionalProperties": false,
"description": "Detailed Realized Status of an intent object on an NSX-T type of enforcement point. This is a detailed view of the Realized Status of an intent object from an NSX-T enforcement point perspective.",
"id": "EnforcedStatusDetailsNsxT",
"module_id": "PolicyRealizationStatus",
"properties": {
"enforced_status_info": {
"$ref": "EnforcedStatusInfoNsxT,
"description": "Information about the realized status of the intent on this enforcement point. Some very recent changes may be excluded when preparing this information, which is indicated by Pending Changes Info.",
"readonly": true,
"title": "Enforced Realized Status Info"
},
"pending_changes_info": {
"$ref": "PendingChangesInfoNsxT,
"description": "Information about pending changes, if any, that aren't reflected in the Enforced Realized Status.",
"readonly": true,
"title": "Pending Changes Info"
}
},
"title": "NSX-T Enforced Realized Status Details",
"type": "object"
}
EnforcedStatusInfoNsxT (type)
{
"additionalProperties": false,
"description": "Information about the realized status of the intent object on an NSX-T type of enforcement point. Some very recent changes may be excluded when preparing this information, which is indicated by Pending Changes Info. In addition to the realized status across all scopes, this information holds details about enforced realized status per scope.",
"id": "EnforcedStatusInfoNsxT",
"module_id": "PolicyRealizationStatus",
"properties": {
"enforced_status": {
"$ref": "EnforcedStatusNsxT,
"description": "Consolidated Realized Status of an Intent object across all scopes of an NSX-T type of enforcement point.",
"readonly": true,
"title": "Enforced Realized Status"
},
"enforced_status_per_scope": {
"description": "List of Enforced Realized Status per Scope.",
"items": {
"$ref": "EnforcedStatusPerScopeNsxT
},
"readonly": true,
"title": "List of Enforced Realized Status per Scope",
"type": "array"
}
},
"title": "NSX-T Enforced Realized Status Information",
"type": "object"
}
EnforcedStatusNsxT (type)
{
"additionalProperties": false,
"description": "NSX-T Enforced Status.",
"id": "EnforcedStatusNsxT",
"module_id": "PolicyRealizationStatus",
"properties": {
"status": {
"$ref": "RuntimeState,
"description": "Enforced Realized Status.",
"readonly": true,
"title": "Enforced Realized Status"
},
"status_message": {
"description": "Status Message conveying hints depending on the status value.",
"readonly": true,
"title": "Status Message",
"type": "string"
}
},
"title": "NSX-T Enforced Status",
"type": "object"
}
EnforcedStatusPerScopeNsxT (type)
{
"abstract": true,
"additionalProperties": false,
"description": "NSX-T Detailed Realized Status Per Scope.",
"id": "EnforcedStatusPerScopeNsxT",
"module_id": "PolicyRealizationStatus",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"description": "Enforced Realized Status Per Scope Resource Type.",
"enum": [
"TransportNodeSpanEnforcedStatus"
],
"readonly": true,
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "NSX-T Enforced Realized Status Per Scope",
"type": "object"
}
EnforcedStatusPerTransportNode (type)
{
"additionalProperties": false,
"description": "Detailed Realized Status Per Transport Node.",
"id": "EnforcedStatusPerTransportNode",
"module_id": "PolicyRealizationStatus",
"properties": {
"display_name": {
"description": "Display name of the transport node.",
"readonly": true,
"title": "Transport Node Display Name",
"type": "string"
},
"enforced_status": {
"$ref": "EnforcedStatusNsxT,
"description": "Realized Status of an Intent object on this Transport Node.",
"readonly": true,
"title": "Enforced Realized Status"
},
"nsx_id": {
"description": "UUID identifying uniquely the Transport Node.",
"readonly": true,
"title": "Transport Node Identifier",
"type": "string"
},
"path": {
"description": "Policy Path referencing the transport node.",
"readonly": true,
"title": "Transport Node Path",
"type": "string"
}
},
"title": "Enforced Realized Status Per Transport Node",
"type": "object"
}
EnforcementPoint (type)
{
"additionalProperties": false,
"description": "Enforcement point is the endpoint where policy configurations are applied.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "EnforcementPoint",
"module_id": "PolicyEnforcementPointManagement",
"policy_hierarchical_children": [
"ChildPolicyEdgeCluster",
"ChildPolicyTransportZone"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"auto_enforce": {
"default": true,
"description": "Auto enforce flag suggests whether the policy objects shall be automatically enforced on this enforcement point or not. When this flag is set to true, all policy objects will be automatically enforced on this enforcement point. If this flag is set to false, user shall rely on the usual means of realization, i.e., deployment maps.",
"title": "Auto Enforce Flag",
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"connection_info": {
"$ref": "EnforcementPointConnectionInfo,
"description": "Connection Info of the Enforcement Point.",
"required": true,
"title": "Enforcement Point Connection Info"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"version": {
"description": "Version of the Enforcement point.",
"readonly": true,
"title": "Enforcement point Version",
"type": "string"
}
},
"title": "Enforcement Point",
"type": "object"
}
EnforcementPointConnectionInfo (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Contains information required to connect to enforcement point.",
"id": "EnforcementPointConnectionInfo",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"enforcement_point_address": {
"description": "Value of this property could be Hostname or IP. For instance: - On an NSX-T MP running on default port, the value could be \"10.192.1.1\" - On an NSX-T MP running on custom port, the value could be \"192.168.1.1:32789\" - On an NSX-T MP in VMC deployments, the value could be \"192.168.1.1:5480/nsxapi\"",
"required": true,
"title": "Enforcement Point Address",
"type": "string"
},
"resource_type": {
"description": "Resource Type of Enforcement Point Connection Info.",
"enum": [
"NSXTConnectionInfo",
"NSXVConnectionInfo",
"CvxConnectionInfo",
"AviConnectionInfo"
],
"required": true,
"title": "Connection Info Resource Type",
"type": "string"
}
},
"title": "Enforcement Point Connection Info",
"type": "object"
}
EnforcementPointListRequestParameters (type)
{
"additionalProperties": false,
"description": "Enforcement point list request parameters.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "EnforcementPointListRequestParameters",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Enforcement Point List Request Parameters",
"type": "object"
}
EnforcementPointListResult (type)
{
"additionalProperties": false,
"description": "Paged collection of enforcement points.",
"extends": {
"$ref": "ListResult
},
"id": "EnforcementPointListResult",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Enforcement Point list Results.",
"items": {
"$ref": "EnforcementPoint
},
"required": true,
"title": "Enforcement Point List Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of EnforcementPoints",
"type": "object"
}
EnforcementPointRequest (type)
{
"additionalProperties": false,
"id": "EnforcementPointRequest",
"module_id": "PolicyConnectivity",
"properties": {
"enforcement_point_path": {
"description": "Policy path of enforcement point on request is to be made.",
"title": "Enforcement point path",
"type": "string"
}
},
"title": "Enforcement point request entity",
"type": "object"
}
EntityInstanceCountConstraintExpression (type)
{
"additionalProperties": false,
"description": "Represents the leaf level constraint to restrict the number instances of an entity type can be created. This is useful in restricting number of CGWs or MGWs or Providers that can created in a system.",
"extends": {
"$ref": "ConstraintExpression
},
"id": "EntityInstanceCountConstraintExpression",
"module_id": "PolicyConstraints",
"polymorphic-type-descriptor": {
"type-identifier": "EntityInstanceCountConstraintExpression"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"count": {
"description": "Instance count.",
"required": true,
"title": "Instance count.",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"operator": {
"required": true,
"title": "Operations supported '<' and '<='.",
"type": "string"
},
"resource_type": {
"enum": [
"ValueConstraintExpression",
"RelatedAttributeConditionalExpression",
"EntityInstanceCountConstraintExpression",
"FieldSanityConstraintExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Represents the leaf level constraint to restrict the number instances of type.",
"type": "object"
}
EpochMsTimestamp (type)
{
"id": "EpochMsTimestamp",
"module_id": "Common",
"title": "Timestamp in milliseconds since epoch",
"type": "integer"
}
ErrorResolverInfo (type)
{
"additionalProperties": false,
"description": "Metadata related to a given error_id",
"id": "ErrorResolverInfo",
"module_id": "ErrorResolver",
"properties": {
"error_id": {
"required": true,
"title": "The error id for which metadata information is needed",
"type": "integer"
},
"resolver_present": {
"required": true,
"title": "Indicates whether there is a resolver associated with the error or not",
"type": "boolean"
},
"user_metadata": {
"$ref": "ErrorResolverUserMetadata,
"required": false,
"title": "User supplied metadata that might be required by the resolver"
}
},
"type": "object"
}
ErrorResolverInfoList (type)
{
"additionalProperties": false,
"id": "ErrorResolverInfoList",
"module_id": "ErrorResolver",
"properties": {
"results": {
"items": {
"$ref": "ErrorResolverInfo
},
"required": true,
"title": "ErrorResolverInfo list",
"type": "array"
}
},
"title": "Collection of all registered ErrorResolverInfo",
"type": "object"
}
ErrorResolverMetadata (type)
{
"additionalProperties": false,
"description": "Error along with its metadata",
"id": "ErrorResolverMetadata",
"module_id": "ErrorResolver",
"properties": {
"entity_id": {
"required": true,
"title": "The entity/node UUID where the error has occurred.",
"type": "string"
},
"error_id": {
"required": true,
"title": "The error id as reported by the entity where the error occurred.",
"type": "integer"
},
"system_metadata": {
"$ref": "ErrorResolverSystemMetadata,
"required": false,
"title": "This can come from some external system like syslog collector"
},
"user_metadata": {
"$ref": "ErrorResolverUserMetadata,
"required": false,
"title": "User supplied metadata that might be required by the resolver"
}
},
"type": "object"
}
ErrorResolverMetadataList (type)
{
"additionalProperties": false,
"description": "List of errors with their metadata",
"id": "ErrorResolverMetadataList",
"module_id": "ErrorResolver",
"properties": {
"errors": {
"items": {
"$ref": "ErrorResolverMetadata
},
"required": true,
"title": "List of errors with their corresponding metadata.",
"type": "array"
}
},
"type": "object"
}
ErrorResolverSystemMetadata (type)
{
"additionalProperties": false,
"description": "Metadata fetched from an external system like Syslog or LogInsight.",
"id": "ErrorResolverSystemMetadata",
"module_id": "ErrorResolver",
"properties": {
"value": {
"required": false,
"title": "The value fetched from another system",
"type": "string"
}
},
"type": "object"
}
ErrorResolverUserInputData (type)
{
"additionalProperties": false,
"description": "Corresponds to one property entered by the user",
"id": "ErrorResolverUserInputData",
"module_id": "ErrorResolver",
"properties": {
"data_type": {
"enum": [
"TEXT",
"NUMBER",
"PASSWORD"
],
"required": true,
"title": "The datatype of the given property. Useful for data validation",
"type": "string"
},
"property_name": {
"required": true,
"title": "Name of the property supplied by the user",
"type": "string"
},
"property_value": {
"required": false,
"title": "The value associated with the above property",
"type": "string"
}
},
"type": "object"
}
ErrorResolverUserMetadata (type)
{
"additionalProperties": false,
"description": "User supplied metadata needed for resolving errors",
"id": "ErrorResolverUserMetadata",
"module_id": "ErrorResolver",
"properties": {
"user_input_list": {
"items": {
"$ref": "ErrorResolverUserInputData
},
"required": false,
"title": "List of user supplied input data.",
"type": "array"
}
},
"type": "object"
}
EtherTypeServiceEntry (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ServiceEntry
},
"id": "EtherTypeServiceEntry",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "EtherTypeServiceEntry"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"ether_type": {
"required": true,
"title": "Type of the encapsulated protocol",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"enum": [
"IPProtocolServiceEntry",
"IGMPTypeServiceEntry",
"ICMPTypeServiceEntry",
"ALGTypeServiceEntry",
"L4PortSetServiceEntry",
"EtherTypeServiceEntry",
"NestedServiceServiceEntry"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "A ServiceEntry that represents an ethertype protocol",
"type": "object"
}
EthernetHeader (type)
{
"additionalProperties": false,
"id": "EthernetHeader",
"module_id": "Traceflow",
"properties": {
"dst_mac": {
"description": "The destination MAC address of form: \"^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$\". For example: 00:00:00:00:00:00.",
"required": false,
"title": "Destination MAC address of the Ethernet header",
"type": "string"
},
"eth_type": {
"default": 2048,
"description": "This field defaults to IPv4.",
"maximum": 65535,
"minimum": 1,
"required": false,
"title": "The value of the type field to be put into the Ethernet header",
"type": "integer"
},
"src_mac": {
"description": "The source MAC address of form: \"^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$\". For example: 00:00:00:00:00:00.",
"required": false,
"title": "Source MAC address of the Ethernet header",
"type": "string"
}
},
"type": "object"
}
Evaluation (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Criterion Evaluation is the basic logical condition to evaluate whether the event could be potentially met.",
"id": "Evaluation",
"module_id": "PolicyReaction",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"description": "Criterion Evaluation resource type.",
"enum": [
"SourceFieldEvaluation"
],
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "Criterion Evaluation",
"type": "object"
}
Event (type)
{
"additionalProperties": false,
"description": "The Event is the criterion or criteria applied to the source and, when met, prompt Policy to run the action. All Reaction Events are constructed with reference to the object, the \"source\", that is logically deemed to be the object upon which the Event in question initially occurred upon. Some example events include: - New object was created. - Change in realization state. - Specific API is called.",
"id": "Event",
"module_id": "PolicyReaction",
"properties": {
"criteria": {
"description": "Criteria applied to the source and, if satisfied, would trigger the action. Criteria is composed of criterions. In order for the Criteria to be met, only one of the criterion must be fulfilled (implicit OR).",
"items": {
"$ref": "Criterion
},
"title": "Event Criteria",
"type": "array"
},
"source": {
"$ref": "Source,
"description": "Source that is logically deemed to be the \"object\" upon which the Event in question initially occurred upon.",
"required": true,
"title": "Event Source"
}
},
"title": "Reaction Event",
"type": "object"
}
EvpnConfig (type)
{
"additionalProperties": false,
"description": "Evpn Configuration.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "EvpnConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"advanced_config": {
"$ref": "EvpnConfigAdvancedConfig,
"description": "Advanced configuration for evpn config.",
"required": false,
"title": "Advanced configuration for evpn config"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"encapsulation_method": {
"$ref": "EvpnEncapConfig,
"description": "Encapsulation method for EVPN service that is used by the transport layer.",
"required": false,
"title": "Encapsulation method for EVPN."
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"mode": {
"default": "DISABLE",
"description": "In INLINE mode, edge nodes participate both in the BGP EVPN control plane route exchange and in data path tunneling between edge nodes and data center gateways. In ROUTE_SERVER mode, edge nodes participate in the BGP EVPN control plane route exchanges only and do not participate in the data forwarding, i.e., the data path tunnels are directly established between the hypervisors and the data center gateways. DISABLE mode disables EVPN service capability.",
"enum": [
"INLINE",
"ROUTE_SERVER",
"DISABLE"
],
"required": false,
"title": "EVPN service mode",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Evpn Configuration",
"type": "object"
}
EvpnConfigAdvancedConfig (type)
{
"additionalProperties": false,
"description": "NSX specific configuration for evpn config",
"id": "EvpnConfigAdvancedConfig",
"module_id": "PolicyConnectivity",
"properties": {},
"title": "Advanced configuration for evpn config",
"type": "object"
}
EvpnEncapConfig (type)
{
"additionalProperties": false,
"description": "Encapsulation method for EVPN.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "EvpnEncapConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"evpn_tenant_config_path": {
"required": false,
"title": "EVPN tenant config path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"EvpnConfig"
],
"relationshipType": "EVPN_CONFIG_TENANT_CONFIG_RELATIONSHIP",
"rightType": [
"EvpnTenantConfig"
]
}
]
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"vni_pool_path": {
"required": false,
"title": "vni pool path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"EvpnConfig"
],
"relationshipType": "EVPN_CONFIG_VNIPOOL_CONFIG_RELATIONSHIP",
"rightType": [
"VniPoolConfig"
]
}
]
}
},
"title": "Encapsulation method for EVPN",
"type": "object"
}
EvpnTenantConfig (type)
{
"additionalProperties": false,
"description": "This resource is relevant only when Evpn Service is configured in ROUTE-SERVER mode. The resource defines Vlans to VNIs mappings used by Evpn tenant VMs for overlay VXLAN transmission when attached to vRouter. The resource contains overlay transport_zone_path and vni_pool_path to orchestrate creation of child Logical-Switches.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "EvpnTenantConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mappings": {
"description": "This property specifies a mapping spec of incoming Evpn tenant vlan-ids to VXLAN VNIs used for overlay transmission to Physical-Gateways used by vRouters.",
"items": {
"$ref": "VlanVniRangePair
},
"maxItems": 2000,
"minItems": 1,
"required": true,
"title": "VLANs to VNIs mapping spec",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_zone_path": {
"description": "Policy path to transport zone. Only overlay transport zone is supported.",
"required": true,
"title": "Policy path to the transport zone",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"EvpnTenantConfig"
],
"relationshipType": "EVPN_TENANT_CONFIG_TZ_CONFIG_RELATIONSHIP",
"rightType": []
}
]
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"vni_pool_path": {
"description": "Policy path to the vni pool used for Evpn in ROUTE-SERVER mode.",
"required": true,
"title": "Policy path to the vni pool",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"EvpnTenantConfig"
],
"relationshipType": "EVPN_TENANT_CONFIG_VNIPOOL_CONFIG_RELATIONSHIP",
"rightType": []
}
]
}
},
"title": "Evpn Tenant Configuration for Evpn in ROUTE-SERVER mode.",
"type": "object"
}
EvpnTunnelEndpointConfig (type)
{
"additionalProperties": false,
"description": "Evpn Tunnel Endpoint Configuration.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "EvpnTunnelEndpointConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"edge_path": {
"required": true,
"title": "edge path",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"local_addresses": {
"items": {
"$ref": "IPv4Address
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "local addresses",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"mtu": {
"maximum": 9100,
"minimum": 64,
"required": false,
"title": "MTU",
"type": "int"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Evpn Tunnel Endpoint Configuration",
"type": "object"
}
ExportRequestParameter (type)
{
"additionalProperties": false,
"description": "This holds the request parameters required to invoke export task.",
"id": "ExportRequestParameter",
"module_id": "PolicyTask",
"properties": {
"draft_path": {
"description": "Policy path of a draft which is to be exported. If not provided, current firewall configuration will then be exported.",
"required": false,
"title": "Policy path of draft",
"type": "string"
},
"passphrase": {
"description": "Passphrase to sign exported files. The passphrase specified must be at least 8 characters in length and must contain at least one lowercase, one uppercase, one numeric character and one non-space special character.",
"minLength": 8,
"pattern": "^$|^(?=.*[a-z])(?=.*[A-Z])(?=.*\\d)(?=.*[^a-zA-Z\\d\\s]).{8,}$",
"required": true,
"sensitive": true,
"title": "Passphrase to sign exported files",
"type": "string",
"validation_msg_key": "com.vmware.nsx.validation.constraints.BackupRestore.weak_passprase.message"
}
},
"title": "Export task request parameters",
"type": "object"
}
ExportTask (type)
{
"additionalProperties": false,
"description": "This object holds the information of the export task.",
"extends": {
"$ref": "PolicyTask
},
"id": "ExportTask",
"module_id": "PolicyTask",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"async_response_available": {
"display": {
"order": 13
},
"readonly": true,
"title": "True if response for asynchronous request is available",
"type": "boolean"
},
"cancelable": {
"display": {
"order": 8
},
"readonly": true,
"title": "True if this task can be canceled",
"type": "boolean"
},
"description": {
"display": {
"order": 2
},
"readonly": true,
"title": "Description of the task",
"type": "string"
},
"draft_path": {
"description": "Policy path of a draft if this is an export task to export draft configuration.",
"readonly": true,
"title": "Policy path of a draft",
"type": "string"
},
"end_time": {
"$ref": "EpochMsTimestamp,
"display": {
"order": 6
},
"readonly": true,
"title": "The end time of the task in epoch milliseconds"
},
"exported_file": {
"description": "Name of the exported file generated after completion of export task.",
"readonly": true,
"title": "Name of the exported file",
"type": "string"
},
"failure_msg": {
"description": "This property holds the reason of the task failure, if any.",
"readonly": true,
"title": "Reason of the task failure",
"type": "string"
},
"id": {
"display": {
"order": 1
},
"readonly": true,
"title": "Identifier for this task",
"type": "string"
},
"message": {
"display": {
"order": 4
},
"readonly": true,
"title": "A message describing the disposition of the task",
"type": "string"
},
"progress": {
"display": {
"order": 7
},
"maximum": 100,
"minimum": 0,
"readonly": true,
"title": "Task progress if known, from 0 to 100",
"type": "integer"
},
"request_method": {
"display": {
"order": 12
},
"readonly": true,
"title": "HTTP request method",
"type": "string"
},
"request_uri": {
"display": {
"order": 11
},
"readonly": true,
"title": "URI of the method invocation that spawned this task",
"type": "string"
},
"start_time": {
"$ref": "EpochMsTimestamp,
"display": {
"order": 5
},
"readonly": true,
"title": "The start time of the task in epoch milliseconds"
},
"status": {
"$ref": "TaskStatus,
"display": {
"order": 3
},
"readonly": true,
"title": "Current status of the task"
},
"user": {
"display": {
"order": 10
},
"readonly": true,
"title": "Name of the user who created this task",
"type": "string"
}
},
"title": "Export task information",
"type": "object"
}
Expression (type)
{
"abstract": true,
"additionalProperties": false,
"description": "All the nodes of the expression extend from this abstract class. This is present for extensibility.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Expression",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"enum": [
"Condition",
"ConjunctionOperator",
"NestedExpression",
"IPAddressExpression",
"MACAddressExpression",
"ExternalIDExpression",
"PathExpression",
"IdentityGroupExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Base class for each node of the expression",
"type": "object"
}
ExternalGatewayBfdConfig (type)
{
"additionalProperties": false,
"description": "Configuration for BFD session between host nodes and external gateways. If this configuration is not provided, system defaults are applied.",
"id": "ExternalGatewayBfdConfig",
"module_id": "Policy",
"properties": {
"bfd_profile_path": {
"title": "Policy path to Bfd Profile",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GlobalConfig"
],
"relationshipType": "BFD_CONFIG_GLOBAL_CONFIG_RELATIONSHIP",
"rightType": [
"BfdProfile"
]
}
]
},
"enable": {
"default": true,
"description": "Flag to enable BFD session.",
"title": "Enable BFD session",
"type": "boolean"
}
},
"title": "External Bidirectional Flow Detection configuration",
"type": "object"
}
ExternalIDExpression (type)
{
"additionalProperties": false,
"description": "Represents external ID expressions in the form of an array, to support addition of objects like virtual interfaces, virtual machines, CloudNativeServiceInstance PhysicalServer to a group.",
"extends": {
"$ref": "Expression
},
"id": "ExternalIDExpression",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ExternalIDExpression"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_ids": {
"description": "This array can consist of one or more external IDs for the specified member type.",
"items": {
"type": "string"
},
"minItems": 1,
"required": true,
"title": "Array of external IDs for the specified member type",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"member_type": {
"enum": [
"VirtualMachine",
"VirtualNetworkInterface",
"CloudNativeServiceInstance",
"PhysicalServer"
],
"required": true,
"title": "External ID member type",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"enum": [
"Condition",
"ConjunctionOperator",
"NestedExpression",
"IPAddressExpression",
"MACAddressExpression",
"ExternalIDExpression",
"PathExpression",
"IdentityGroupExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "External ID expression node",
"type": "object"
}
FIPSGlobalConfig (type)
{
"additionalProperties": false,
"description": "Global configuration",
"id": "FIPSGlobalConfig",
"module_id": "Policy",
"properties": {
"lb_fips_enabled": {
"default": false,
"description": "When this flag is set to true FIPS mode will be set on ssl encryptions of load balancer feature.",
"required": false,
"title": "A flag to turn on or turn off the FIPS compliance of load balancer feature.",
"type": "boolean"
},
"tls_fips_enabled": {
"default": false,
"description": "When this flag is set to true FIPS mode will be set on ssl encryptions of TLS inspection feature.",
"readonly": true,
"required": false,
"title": "A flag to turn on or turn off the FIPS compliance of TLS inspection feature.",
"type": "boolean"
}
},
"title": "Global configuration",
"type": "object"
}
FailedNodeSupportBundleResult (type)
{
"additionalProperties": false,
"id": "FailedNodeSupportBundleResult",
"properties": {
"error_code": {
"readonly": true,
"required": true,
"title": "Error code",
"type": "string"
},
"error_message": {
"readonly": true,
"required": true,
"title": "Error message",
"type": "string"
},
"node_display_name": {
"readonly": true,
"required": true,
"title": "Display name of node",
"type": "string"
},
"node_id": {
"readonly": true,
"required": true,
"title": "UUID of node",
"type": "string"
}
},
"type": "object"
}
FeatureCompatibilityInfo (type)
{
"description": "Feature status information indicating site configuration compatibility with global manager configuration.",
"id": "FeatureCompatibilityInfo",
"module_id": "GmConfigOnboarding",
"properties": {
"details": {
"items": {
"$ref": "CompatibilityDetail
},
"maxItems": 10,
"readonly": true,
"required": false,
"type": "array"
},
"feature": {
"$ref": "OnboardingFeatureInfo,
"readonly": true,
"required": true
},
"status": {
"$ref": "OnboardingCompatibilityStatus,
"readonly": true,
"required": true,
"title": "Compatibility Status"
}
},
"title": "Feature Compatibility Info",
"type": "object"
}
FeatureConflictInfo (type)
{
"description": "Feature status information with number of conflicting entities and its total count associated with the feature.",
"id": "FeatureConflictInfo",
"module_id": "GmConfigOnboarding",
"properties": {
"conflict_count": {
"description": "Number of conflicting entities with global entities in the feature during an onboarding stage.",
"readonly": true,
"required": false,
"title": "Conflict Count",
"type": "integer"
},
"feature": {
"$ref": "OnboardingFeatureInfo,
"readonly": true,
"required": false
},
"total_count": {
"description": "Total number of entities in the feature during an onboarding stage.",
"readonly": true,
"required": false,
"title": "Total Count",
"type": "integer"
}
},
"title": "Feature Conflict Info",
"type": "object"
}
FeaturePermission (type)
{
"id": "FeaturePermission",
"module_id": "AAA",
"properties": {
"feature": {
"required": true,
"title": "Feature Id",
"type": "string"
},
"feature_description": {
"title": "Feature Description",
"type": "string"
},
"feature_name": {
"title": "Feature Name",
"type": "string"
},
"is_execute_recommended": {
"readonly": true,
"title": "Is execute recommended",
"type": "boolean"
},
"is_internal": {
"readonly": true,
"title": "Is internal",
"type": "boolean"
},
"permission": {
"enum": [
"crud",
"read",
"execute",
"none"
],
"required": true,
"title": "Permission",
"type": "string"
}
},
"title": "Feature Permission",
"type": "object"
}
FeaturePermissionArray (type)
{
"additionalProperties": false,
"id": "FeaturePermissionArray",
"module_id": "AAA",
"properties": {
"feature_permissions": {
"items": {
"$ref": "FeaturePermission
},
"required": true,
"title": "Array of FeaturePermission",
"type": "array"
}
},
"type": "object"
}
FeaturePermissionListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "FeaturePermissionListResult",
"module_id": "AAA",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "FeaturePermission
},
"required": true,
"title": "List results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
FeaturePermissionRequestParameters (type)
{
"additionalProperties": false,
"id": "FeaturePermissionRequestParameters",
"module_id": "PolicyAuthz",
"properties": {
"feature_name": {
"required": true,
"title": "Feature name",
"type": "string"
},
"object_path": {
"required": true,
"title": "Exact object Policy path",
"type": "string"
}
},
"title": "RBAC Objects qualifier",
"type": "object"
}
FeatureSet (type)
{
"additionalProperties": false,
"description": "Represents list of features required to view the widget.",
"id": "FeatureSet",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"feature_list": {
"description": "List of features required for to view widget.",
"items": {
"type": "string"
},
"title": "List of features required for to view wdiget",
"type": "array"
},
"require_all_permissions": {
"description": "Flag for specifying if permission to all features is required If set to false, then if there is permission for any of the feature from feature list, widget will be available.",
"title": "Flag for specifying if permission to all features is required",
"type": "boolean"
}
},
"title": "List of features required to view the widget",
"type": "object"
}
FeatureSummary (type)
{
"description": "Feature summary defining overall conflicting count against total number of entities.",
"id": "FeatureSummary",
"module_id": "GmConfigOnboarding",
"properties": {
"total_conflict_count": {
"description": "Total number of conflicting entities with global entities accross all features during an onboarding stage.",
"readonly": true,
"required": false,
"title": "Total Conflict Count",
"type": "integer"
},
"total_count": {
"description": "Total number of entities across all features during an onboarding stage.",
"readonly": true,
"required": false,
"title": "Total Count",
"type": "integer"
}
},
"title": "Feature Summary",
"type": "object"
}
FeatureSummaryRequestParameters (type)
{
"additionalProperties": false,
"description": "Feature summary request parameters for a site.",
"id": "FeatureSummaryRequestParameters",
"module_id": "GmConfigOnboarding",
"properties": {
"feature": {
"$ref": "UnsupportedFeature,
"readonly": true,
"required": true
}
},
"title": "Onboarding Feature Summary Request Parameters",
"type": "object"
}
FederationComponentUpgradeStatus (type)
{
"additionalProperties": false,
"id": "FederationComponentUpgradeStatus",
"module_id": "FederationUpgrade",
"properties": {
"component_type": {
"readonly": true,
"required": false,
"title": "Component type for the upgrade status",
"type": "string"
},
"current_version_node_summary": {
"items": {
"$ref": "FederationNodeSummary
},
"readonly": true,
"required": false,
"title": "Mapping of current versions of nodes and counts of nodes at the respective versions.",
"type": "array"
},
"details": {
"readonly": true,
"required": false,
"title": "Details about the upgrade status",
"type": "string"
},
"percent_complete": {
"readonly": true,
"required": true,
"title": "Indicator of upgrade progress in percentage",
"type": "number"
},
"status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Upgrade status of component",
"type": "string"
},
"target_version": {
"readonly": true,
"required": false,
"title": "Target component version",
"type": "string"
}
},
"type": "object"
}
FederationConfig (type)
{
"additionalProperties": false,
"description": "Global Manager federation configuration. This configuration is distributed to all Sites participating in federation.",
"id": "FederationConfig",
"module_id": "PolicySiteGM",
"properties": {
"site_config": {
"items": {
"$ref": "SiteFederationConfig
},
"readonly": true,
"title": "Federation configurations of all Sites",
"type": "array"
}
},
"title": "Global Manager federation configuration",
"type": "object"
}
FederationConfiguration (type)
{
"additionalProperties": false,
"description": "Federation configuration.",
"id": "FederationConfiguration",
"module_id": "SiteManagerModule",
"properties": {
"epoch": {
"required": true,
"title": "Epoch",
"type": "integer"
},
"id": {
"required": true,
"title": "Federation id",
"type": "string"
},
"sites": {
"items": {
"$ref": "FederationSite
},
"required": true,
"title": "Sites",
"type": "array"
}
},
"title": "Federation configuration",
"type": "object"
}
FederationConnectivityConfig (type)
{
"additionalProperties": false,
"description": "Additional configuration required for federation.",
"id": "FederationConnectivityConfig",
"module_id": "PolicyConnectivity",
"properties": {
"global_overlay_id": {
"description": "Global id for by Layer3 services for federation usecases.",
"readonly": true,
"title": "Auto generated federation global 24-bit id",
"type": "integer"
}
},
"title": "Federation connectivity configuration",
"type": "object"
}
FederationGatewayConfig (type)
{
"additionalProperties": false,
"description": "Additional gateway configuration required for federation",
"extends": {
"$ref": "FederationConnectivityConfig
},
"id": "FederationGatewayConfig",
"module_id": "PolicyConnectivity",
"properties": {
"global_overlay_id": {
"description": "Global id for by Layer3 services for federation usecases.",
"readonly": true,
"title": "Auto generated federation global 24-bit id",
"type": "integer"
},
"site_allocation_indices": {
"description": "Indicies for cross site allocation for edge cluster and its members referred by gateway.",
"items": {
"$ref": "SiteAllocationIndexForEdge
},
"readonly": true,
"title": "Indicies for cross site allocation\n",
"type": "array"
},
"transit_segment_id": {
"description": "Global UUID for transit segment id to be used by Layer2 services for federation usecases.",
"readonly": true,
"title": "Auto generated federation global id for transit segment",
"type": "string"
}
},
"title": "Federation gateway configuration",
"type": "object"
}
FederationInvalidConfigurationDetailsResponse (type)
{
"additionalProperties": false,
"id": "FederationInvalidConfigurationDetailsResponse",
"module_id": "GmConfigOnboarding",
"properties": {
"feature": {
"$ref": "OnboardingFeatureInfo,
"description": "Federation feature with invalid configuration for onboarding a site.",
"readonly": true,
"required": false,
"title": "Feature information"
},
"invalid_config_summary": {
"items": {
"$ref": "InvalidConfigSummary
},
"maxItems": 8,
"readonly": true,
"required": false,
"type": "array"
},
"total_count": {
"description": "Total resource count in invalid configuration.",
"readonly": true,
"required": true,
"title": "Total Resource Count",
"type": "integer"
}
},
"title": "Federation Invalid Configuration Details Response",
"type": "object"
}
FederationNodeSummary (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "FederationNodeSummary",
"module_id": "FederationUpgrade",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"node_count": {
"description": "Number of nodes of the type and at the component version.",
"readonly": true,
"required": true,
"title": "Count of nodes",
"type": "int"
},
"version": {
"readonly": true,
"required": true,
"title": "Component version",
"type": "string"
}
},
"type": "object"
}
FederationQueueInfo (type)
{
"description": "Provides insights into details of a specific queue in the flows. For example Global Manager to Local Manager flow, there is a queue on the Global Manager for sending and a queue on Local Manager for receiving.",
"id": "FederationQueueInfo",
"module_id": "FederationObservability",
"properties": {
"current_size": {
"read_only": true,
"title": "Number of messages in the queue",
"type": "integer"
},
"max_size": {
"read_only": true,
"title": "Maixmum capacity of the queue",
"type": "integer"
},
"name": {
"read_only": true,
"title": "Queue name",
"type": "string"
},
"namespace": {
"description": "Every persistent queue has name and namespace. For more debugging like dumping queue, namespace is needed.",
"read_only": true,
"title": "Queue namespace",
"type": "string"
},
"type": {
"enum": [
"TRANSMITTER",
"RECEIVER"
],
"read_only": true,
"title": "Queue type - sender or receiver side",
"type": "string"
}
},
"title": "Details about a specific queue in the flow",
"type": "object"
}
FederationSite (type)
{
"additionalProperties": false,
"description": "Site information.",
"id": "FederationSite",
"module_id": "SiteManagerModule",
"properties": {
"active_gm": {
"enum": [
"ACTIVE",
"STANDBY",
"NONE",
"INVALID"
],
"required": true,
"title": "Does site have active GM",
"type": "string"
},
"aph_list": {
"items": {
"$ref": "AphInfo
},
"required": true,
"title": "Aph services in the site",
"type": "array"
},
"cert_hash": {
"required": false,
"title": "Hash of the trustManagerCert",
"type": "string"
},
"cluster_id": {
"required": false,
"title": "Cluster id",
"type": "string"
},
"config_version": {
"required": false,
"title": "Site config version",
"type": "integer"
},
"id": {
"required": true,
"title": "Id of the site",
"type": "string"
},
"is_federated": {
"required": true,
"title": "Is site federated",
"type": "boolean"
},
"is_local": {
"required": true,
"title": "Is site local",
"type": "boolean"
},
"name": {
"required": true,
"title": "Name of the site",
"type": "string"
},
"node_type": {
"enum": [
"GM",
"LM",
"GM_AND_LM"
],
"required": true,
"title": "Type of node",
"type": "string"
},
"site_version": {
"required": true,
"title": "Version of the site",
"type": "string"
},
"split_brain": {
"required": false,
"title": "Split brain",
"type": "boolean"
},
"system_id": {
"required": true,
"title": "System id",
"type": "integer"
},
"trust_manager_cert": {
"required": false,
"title": "Cert string from trust manager",
"type": "string"
},
"vip_ip": {
"required": false,
"title": "Vip ip",
"type": "string"
}
},
"title": "Site information",
"type": "object"
}
FederationStatus (type)
{
"id": "FederationStatus",
"module_id": "SiteManagerModule",
"properties": {
"active_standby_sync_statuses": {
"items": {
"$ref": "ActiveStandbySyncStatus
},
"required": true,
"title": "Status of synchronization between active and standby sites.",
"type": "array"
},
"remote_connections": {
"items": {
"$ref": "SiteStatus
},
"title": "Site connection status",
"type": "array"
}
},
"type": "object"
}
FederationUpgradeSummary (type)
{
"additionalProperties": false,
"description": "Provides upgrade summary for a specific site.",
"id": "FederationUpgradeSummary",
"module_id": "FederationUpgrade",
"properties": {
"component_status": {
"items": {
"$ref": "FederationComponentUpgradeStatus
},
"readonly": true,
"required": true,
"title": "List of component statuses",
"type": "array"
},
"current_version": {
"description": "This is NSX version for the site.",
"readonly": true,
"required": true,
"title": "Current version of the site",
"type": "string"
},
"gpm_name": {
"description": "Name of the global manager if present.",
"readonly": true,
"required": false,
"title": "Name of the global manager",
"type": "string"
},
"id": {
"description": "Unique identifier of this resource.",
"readonly": true,
"required": true,
"title": "UUID of this resource",
"type": "string"
},
"last_upgrade_timestamp": {
"description": "Indicates the time when the site was upgraded.",
"readonly": true,
"required": false,
"title": "Last upgrade timestamp",
"type": "string"
},
"name": {
"description": "Name of the site.",
"readonly": true,
"required": false,
"title": "Name of the site",
"type": "string"
},
"overall_upgrade_status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Status of upgrade",
"type": "string"
},
"site_id": {
"description": "This is the Site Manager generated UUID for every NSX deployment.",
"readonly": true,
"required": true,
"title": "UUID of the site",
"type": "string"
},
"site_ip": {
"description": "IP address of the site.",
"readonly": true,
"required": true,
"title": "Site IP",
"type": "string"
},
"site_type": {
"description": "Type of this site.",
"enum": [
"ACTIVE_GM_SITE",
"STANDBY_GM_SITE",
"NON_GM_SITE"
],
"readonly": true,
"required": true,
"title": "Site type",
"type": "string"
},
"target_version": {
"description": "This is NSX target version for the site, if it is undergoing upgrade.",
"readonly": true,
"required": false,
"title": "Target version for the site",
"type": "string"
}
},
"title": "Upgrade Summary",
"type": "object"
}
FederationUpgradeSummaryListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "FederationUpgradeSummaryListRequestParameters",
"module_id": "FederationUpgrade",
"properties": {
"current_version": {
"description": "Get upgrade information from sites are at a given version.",
"readonly": false,
"required": false,
"title": "Filter on site current_version",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
FederationUpgradeSummaryListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "FederationUpgradeSummaryListResult",
"module_id": "FederationUpgrade",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "FederationUpgradeSummary
},
"readonly": true,
"title": "Paged collection of site upgrade information",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of site upgrade information",
"type": "object"
}
FieldSanityConstraintExpression (type)
{
"additionalProperties": false,
"description": "Represents the field value constraint to constrain specified field value based on defined sanity checks. Example - For DNS.upstream_servers, all the IP addresses must either be public or private. { \"target\": { \"target_resource_type\": \"DnsForwarderZone\", \"attribute\": \"upstreamServers\", \"path_prefix\": \"/infra/dns-forwarder-zones/\" }, \"constraint_expression\": { \"resource_type\": \"FieldSanityConstraintExpression\", \"operator\": \"OR\", \"checks\": [\"ALL_PUBLIC_IPS\", \"ALL_PRIVATE_IPS\"] } }",
"extends": {
"$ref": "ConstraintExpression
},
"id": "FieldSanityConstraintExpression",
"module_id": "PolicyConstraints",
"polymorphic-type-descriptor": {
"type-identifier": "FieldSanityConstraintExpression"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"checks": {
"description": "List of sanity checks.",
"items": {
"enum": [
"ALL_PUBLIC_IPS",
"ALL_PRIVATE_IPS",
"ALL_IPV6_CIDRS",
"ALL_IPV6_IPS",
"ALL_IPV4_CIDRS",
"ALL_IPV4_IPS"
],
"type": "string"
},
"required": true,
"title": "Array of sanity checks to be performed on field value",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"operator": {
"enum": [
"OR",
"AND"
],
"required": true,
"title": "A conditional operator",
"type": "string"
},
"resource_type": {
"enum": [
"ValueConstraintExpression",
"RelatedAttributeConditionalExpression",
"EntityInstanceCountConstraintExpression",
"FieldSanityConstraintExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Represents the field value sanity constraint",
"type": "object"
}
FieldSetting (type)
{
"additionalProperties": false,
"description": "Field Setting.",
"id": "FieldSetting",
"module_id": "PolicyReaction",
"properties": {
"field_pointer": {
"description": "Field Pointer.",
"required": true,
"title": "Field Pointer",
"type": "string"
},
"value": {
"$ref": "FieldSettingValue,
"description": "Value that the field must be set to.",
"required": true,
"title": "Value"
}
},
"title": "FieldSetting",
"type": "object"
}
FieldSettingValue (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Field Setting Value.",
"id": "FieldSettingValue",
"module_id": "PolicyReaction",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"description": "Field Setting Value resource type.",
"enum": [
"ConstantFieldValue"
],
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "Field Setting Value",
"type": "object"
}
FieldsFilterData (type)
{
"additionalProperties": false,
"extends": {
"$ref": "LiveTraceFilterData
},
"id": "FieldsFilterData",
"module_id": "LiveTrace",
"polymorphic-type-descriptor": {
"type-identifier": "FieldsFilterData"
},
"properties": {
"ip_info": {
"$ref": "IpInfo,
"required": false,
"title": "IP address information"
},
"resource_type": {
"default": "FieldsFilterData",
"enum": [
"FieldsFilterData",
"PlainFilterData"
],
"required": true,
"title": "Filter type",
"type": "string"
},
"transport_info": {
"$ref": "TransportInfo,
"required": false,
"title": "Transport layer information"
}
},
"type": "object"
}
FieldsPacketData (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PacketData
},
"id": "FieldsPacketData",
"module_id": "Traceflow",
"polymorphic-type-descriptor": {
"type-identifier": "FieldsPacketData"
},
"properties": {
"arp_header": {
"$ref": "ArpHeader,
"required": false,
"title": "The ARP header"
},
"eth_header": {
"$ref": "EthernetHeader,
"required": false,
"title": "The ethernet header"
},
"frame_size": {
"default": 128,
"description": "If the requested frame_size is too small (given the payload and traceflow metadata requirement of 16 bytes), the traceflow request will fail with an appropriate message. The frame will be zero padded to the requested size.",
"maximum": 1000,
"minimum": 60,
"required": false,
"title": "Requested total size of the (logical) packet in bytes",
"type": "integer"
},
"ip_header": {
"$ref": "Ipv4Header,
"required": false,
"title": "The IPv4 header"
},
"ipv6_header": {
"$ref": "Ipv6Header,
"required": false,
"title": "The IPv6 header"
},
"payload": {
"description": "Up to 1000 bytes of payload may be supplied (with a base64-encoded length of 1336 bytes.) Additional bytes of traceflow metadata will be appended to the payload. The payload contains any data the user wants to put after the transport header.",
"maxLength": 1336,
"required": false,
"title": "RFC3548 compatible base64-encoded payload",
"type": "string"
},
"resource_type": {
"default": "FieldsPacketData",
"enum": [
"BinaryPacketData",
"FieldsPacketData"
],
"required": true,
"title": "Packet configuration",
"type": "string"
},
"routed": {
"required": false,
"title": "A flag, when set true, indicates that the traceflow packet is of L3 routing.",
"type": "boolean"
},
"transport_header": {
"$ref": "TransportProtocolHeader,
"description": "This field contains a protocol that is above IP. It is not restricted to the 'transport' defined by the OSI model (e.g., ICMP is supported).",
"required": false,
"title": "The transport header"
},
"transport_type": {
"default": "UNICAST",
"description": "This type takes effect only for IP packet.",
"enum": [
"BROADCAST",
"UNICAST",
"MULTICAST",
"UNKNOWN"
],
"required": false,
"title": "transport type of the traceflow packet",
"type": "string"
}
},
"type": "object"
}
FileProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "FileProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"created_epoch_ms": {
"required": true,
"title": "File creation time in epoch milliseconds",
"type": "integer"
},
"modified_epoch_ms": {
"required": true,
"title": "File modification time in epoch milliseconds",
"type": "integer"
},
"name": {
"pattern": "^[^/]+$",
"required": true,
"title": "File name",
"type": "string"
},
"size": {
"required": true,
"title": "Size of the file in bytes",
"type": "integer"
}
},
"title": "File properties",
"type": "object"
}
FilePropertiesListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "FilePropertiesListResult",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "FileProperties
},
"required": true,
"title": "File property results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "File properties query results",
"type": "object"
}
FileThumbprint (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "FileThumbprint",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"name": {
"pattern": "^[^/]+$",
"required": true,
"title": "File name",
"type": "string"
},
"sha1": {
"required": true,
"title": "File's SHA1 thumbprint",
"type": "string"
},
"sha256": {
"required": true,
"title": "File's SHA256 thumbprint",
"type": "string"
}
},
"title": "File thumbprint",
"type": "object"
}
FileTransferAuthenticationScheme (type)
{
"additionalProperties": false,
"id": "FileTransferAuthenticationScheme",
"module_id": "BackupConfiguration",
"properties": {
"password": {
"sensitive": true,
"title": "Password to authenticate with",
"type": "string"
},
"scheme_name": {
"enum": [
"PASSWORD"
],
"required": true,
"title": "Authentication scheme name",
"type": "string"
},
"username": {
"pattern": "^([a-zA-Z][a-zA-Z0-9-.]*[a-zA-Z]\\\\\\){0,1}\\w[\\w.-]+$",
"required": true,
"title": "User name to authenticate with",
"type": "string"
}
},
"title": "Remote server authentication details",
"type": "object"
}
FileTransferProtocol (type)
{
"additionalProperties": false,
"id": "FileTransferProtocol",
"module_id": "BackupConfiguration",
"properties": {
"authentication_scheme": {
"$ref": "FileTransferAuthenticationScheme,
"required": true,
"title": "Scheme to authenticate if required"
},
"protocol_name": {
"default": "sftp",
"enum": [
"sftp"
],
"required": true,
"title": "Protocol name",
"type": "string"
},
"ssh_fingerprint": {
"description": "The expected SSH fingerprint of the server. If the server's fingerprint does not match this fingerprint, the connection will be terminated. Only ECDSA fingerprints hashed with SHA256 are supported. To obtain the host's ssh fingerprint, you should connect via some method other than SSH to obtain this information. You can use one of these commands to view the key's fingerprint: 1. ssh-keygen -l -E sha256 -f ssh_host_ecdsa_key.pub 2. awk '{print $2}' ssh_host_ecdsa_key.pub | base64 -d | sha256sum -b | sed 's/ .*$//' | xxd -r -p | base64 | sed 's/.//44g' | awk '{print \"SHA256:\"$1}'",
"pattern": "^SHA256:.*$",
"required": true,
"title": "SSH fingerprint of server",
"type": "string",
"validation_msg_key": "com.vmware.nsx.validation.constraints.BackupRestore.fingerprint_pattern.message"
}
},
"title": "Protocol to transfer backup file to remote server",
"type": "object"
}
FileType (type)
{
"enum": [
"DOCUMENT",
"EXECUTABLE",
"MEDIA",
"ARCHIVE",
"DATA",
"SCRIPT",
"OTHER"
],
"id": "FileType",
"module_id": "PolicyAntiMalware",
"title": "MalwarePrevention File type",
"type": "string"
}
FilterWidgetConfiguration (type)
{
"additionalProperties": false,
"description": "Represents configuration for filter widget. This is abstract representation of filter widget.",
"extends": {
"$ref": "WidgetConfiguration
},
"id": "FilterWidgetConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "FilterWidgetConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alias": {
"description": "Alias to be used when emitting filter value.",
"title": "Alias to be used when emitting filter value",
"type": "string"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"feature_set": {
"$ref": "FeatureSet,
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"legend": {
"$ref": "Legend,
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
}
},
"title": "Filter widget Configuration",
"type": "object"
}
FirewallConfiguration (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "FirewallConfiguration",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"disable_auto_drafts": {
"default": false,
"description": "To disable auto drafts, set it to true. By default, auto drafts are enabled.",
"title": "Auto draft disable flag",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_firewall": {
"default": true,
"description": "If set to true, Firewall is enabled.",
"title": "Firewall enable flag",
"type": "boolean"
},
"global_addrset_mode_enabled": {
"default": true,
"description": "When this flag is set to true, global address set is enabled in Distributed Firewall.",
"title": "A flag to indicate if global address set is enabled in DFW",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"enum": [
"DfwFirewallConfiguration"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Firewall related configurations",
"type": "object"
}
FirewallFilterByRequestParameters (type)
{
"additionalProperties": false,
"id": "FirewallFilterByRequestParameters",
"module_id": "PolicyFirewallConfiguration",
"properties": {
"enforcement_point_path": {
"description": "Path of the enforcement point from where the result need to be fetched. If not provided, default enforcement point will be considered. It is mandatory parameter on global manager.",
"required": false,
"title": "Path of the enforcement point",
"type": "string"
},
"parent_path": {
"description": "The path of the parent object of entities that are need to be filtered based in the given criteria. Parent path is required for filtering rules of particular policy.",
"required": false,
"title": "Path of the parent object of the entities",
"type": "string"
},
"scope": {
"description": "All those firewall entities, policies/rules, will be returned whose scope value satisfies the given criteria. The value for scope can be, - virtual machine id or - logical router id. Based on the given scope value, the entities will be filtered.",
"required": true,
"title": "Scope filter criteria",
"type": "string"
}
},
"title": "Request parameters for filtering entities based on the given criteria",
"type": "object"
}
FloodProtectionProfile (type)
{
"abstract": true,
"additionalProperties": false,
"description": "A profile holding TCP, UDP and ICMP and other protcol connection limits.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "FloodProtectionProfile",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"icmp_active_flow_limit": {
"description": "If this field is empty, firewall will not set a limit to active ICMP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Active ICMP connections limit",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"other_active_conn_limit": {
"description": "If this field is empty, firewall will not set a limit to other active connections. besides UDP, ICMP and half open TCP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Timeout after first TN",
"type": "integer"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"$ref": "FloodProtectionProfileResourceType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_half_open_conn_limit": {
"description": "If this field is empty, firewall will not set a limit to half open TCP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Active half open TCP connections limit",
"type": "integer"
},
"udp_active_flow_limit": {
"description": "If this field is empty, firewall will not set a limit to active UDP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Active UDP connections limit",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Flood Protection profile",
"type": "object"
}
FloodProtectionProfileBindingListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "FloodProtectionProfileBindingListResult",
"module_id": "PolicyProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "FloodProtectionProfileBindingMap
},
"required": true,
"title": "Flood protection profile binding maps list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of flood protection profile binding maps",
"type": "object"
}
FloodProtectionProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between Flood Protection profile and Logical Routers.",
"extends": {
"$ref": "ProfileBindingMap
},
"id": "FloodProtectionProfileBindingMap",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"type-identifier": "FloodProtectionProfileBindingMap"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profile_path": {
"description": "PolicyPath of associated Profile",
"required": true,
"title": "Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GroupDiscoveryProfileBindingMap"
],
"relationshipType": "GROUP_BINDINGMAP_IPDISCOVERY_PROFILE_RELATIONSHIP",
"rightType": [
"IPDiscoveryProfile"
]
},
{
"leftType": [
"PolicyFirewallFloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"FloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"PolicyFirewallCPUMemThresholdsProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FirewallCPUMemoryThresholdsProfile"
]
},
{
"leftType": [
"SessionTimerProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyFirewallSessionTimerProfile"
]
},
{
"leftType": [
"DnsSecurityProfileBindingMap"
],
"relationshipType": "DNS_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"DnsSecurityProfile"
]
},
{
"leftType": [
"GeneralSecurityProfileBindingMap"
],
"relationshipType": "GATEWAY_GENERAL_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"GeneralSecurityProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy Flood Protection Profile binding map",
"type": "object"
}
FloodProtectionProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "FloodProtectionProfileListRequestParameters",
"module_id": "PolicyProfile",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Flood Protection profile list request parameters",
"type": "object"
}
FloodProtectionProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "FloodProtectionProfileListResult",
"module_id": "PolicyProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "FloodProtectionProfile
},
"required": true,
"title": "Flood protection profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of flood protection profiles",
"type": "object"
}
FloodProtectionProfileResourceType (type)
{
"additionalProperties": false,
"description": "GatewayFloodProtectionProfile is used for all Tier0 and Tier1 gateways. DistributedFloodProtectionProfile is used for all Transport Nodes.",
"enum": [
"GatewayFloodProtectionProfile",
"DistributedFloodProtectionProfile"
],
"id": "FloodProtectionProfileResourceType",
"module_id": "PolicyProfile",
"title": "Resource types of flood protection profiles",
"type": "string"
}
FlowInfo (type)
{
"description": "Provides details of config flow in federation Federation has the following flows - Global Manager to Local Manager (GM -> LM) - Local Manager to Glocal Manager (LM -> GM) - Global Manager Active to Glocal Manager Standby (GM -> GM) - Local Manager to Local Manager (LM -> LM)",
"id": "FlowInfo",
"module_id": "FederationObservability",
"properties": {
"cross_site_flow_info": {
"$ref": "CrossSiteFlowInfo,
"read_only": true,
"title": "Corss site flow information for the flow"
},
"flow_type": {
"enum": [
"GM_TO_LM",
"LM_TO_GM",
"GM_TO_GM",
"LM_TO_LM",
"GM_WORK_QUEUE",
"GM_DELETE_QUEUE"
],
"read_only": true,
"title": "Flow identifier",
"type": "string"
},
"id": {
"read_only": true,
"title": "System identifier for the flow",
"type": "string"
},
"queue_infos": {
"description": "Every flow will have transmitter and receiver queues.",
"items": {
"$ref": "FederationQueueInfo
},
"read_only": true,
"title": "Queue information for the flow",
"type": "array"
}
},
"title": "Details of config flow",
"type": "object"
}
Footer (type)
{
"additionalProperties": false,
"description": "Footer of a widget that provides additional information or allows an action such as clickable url for navigation. An example usage of footer is provided under 'example_request' section of 'CreateWidgetConfiguration' API.",
"id": "Footer",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"actions": {
"description": "Action to be performed at the footer of a widget. An action at the footer can be simple text description or a hyperlink to a UI page. Action allows a clickable url for navigation. An example usage of footer action is provided under 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "FooterAction
},
"minItems": 0,
"title": "Footer Actions",
"type": "array"
},
"condition": {
"description": "If the condition is met then the footer will be applied. Examples of expression syntax are provided under 'example_request' section of 'CreateWidgetConfiguration' API.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
}
},
"title": "Widget Footer",
"type": "object"
}
FooterAction (type)
{
"additionalProperties": false,
"description": "Action specified at the footer of a widget to provide additional information or to provide a clickable url for navigation. An example usage of footer action is provided under the 'example_request' section of 'CreateWidgetConfiguration' API.",
"id": "FooterAction",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"dock_to_container_footer": {
"default": true,
"description": "If true, the footer will appear in the underlying container that holds the widget.",
"title": "Dock the footer at container",
"type": "boolean"
},
"label": {
"$ref": "Label,
"description": "Label to be displayed against the footer action.",
"required": true,
"title": "Label for action"
},
"url": {
"description": "Hyperlink to the UI page that provides details of action.",
"maxLength": 1024,
"title": "Clickable hyperlink, if any",
"type": "string"
}
},
"title": "Widget Footer Action",
"type": "object"
}
ForceRevisionCheckRequestParameter (type)
{
"description": "Forces revision check before updating",
"id": "ForceRevisionCheckRequestParameter",
"module_id": "Policy",
"properties": {
"enforce_revision_check": {
"default": false,
"description": "If this is set to true, each child object in the request needs to have _revision property set correctly. System will honor the revision numbers while updating the resources.",
"readonly": false,
"required": false,
"title": "Force revision check",
"type": "boolean"
}
},
"title": "Parameter to enforce revision check before updating objects",
"type": "object"
}
ForwardingPolicy (type)
{
"additionalProperties": false,
"description": "Contains ordered list of forwarding rules that determine when to forward traffic to / from the underlay for accessing cloud native services.",
"extends": {
"$ref": "Policy
},
"id": "ForwardingPolicy",
"module_id": "PolicyForwarding",
"policy_hierarchical_children": [
"ChildForwardingRule"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"category": {
"description": "- Distributed Firewall - Policy framework provides five pre-defined categories for classifying a security policy. They are \"Ethernet\",\"Emergency\", \"Infrastructure\" \"Environment\" and \"Application\". There is a pre-determined order in which the policy framework manages the priority of these security policies. Ethernet category is for supporting layer 2 firewall rules. The other four categories are applicable for layer 3 rules. Amongst them, the Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a security policy into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four categories. - Edge Firewall - Policy Framework for Edge Firewall provides six pre-defined categories \"Emergency\", \"SystemRules\", \"SharedPreRules\", \"LocalGatewayRules\", \"AutoServiceRules\" and \"Default\", in order of priority of rules. All categories are allowed for Gatetway Policies that belong to 'default' Domain. However, for user created domains, category is restricted to \"SharedPreRules\" or \"LocalGatewayRules\" only. Also, the users can add/modify/delete rules from only the \"SharedPreRules\" and \"LocalGatewayRules\" categories. If user doesn't specify the category then defaulted to \"Rules\". System generated category is used by NSX created rules, for example BFD rules. Autoplumbed category used by NSX verticals to autoplumb data path rules. Finally, \"Default\" category is the placeholder default rules with lowest in the order of priority.",
"required": false,
"title": "A way to classify a security policy, if needed.",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"comments": {
"description": "Comments for security policy lock/unlock.",
"readonly": false,
"required": false,
"title": "SecurityPolicy lock/unlock comments",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"internal_sequence_number": {
"description": "This field is to indicate the internal sequence number of a policy with respect to the policies across categories.",
"readonly": true,
"title": "Internal sequence number",
"type": "int"
},
"is_default": {
"description": "A flag to indicate whether policy is a default policy.",
"readonly": true,
"required": false,
"title": "Default policy flag",
"type": "boolean"
},
"lock_modified_by": {
"description": "ID of the user who last modified the lock for the secruity policy.",
"readonly": true,
"required": false,
"title": "User who locked the security policy",
"type": "string"
},
"lock_modified_time": {
"$ref": "EpochMsTimestamp,
"description": "SecurityPolicy locked/unlocked time in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "SecuirtyPolicy locked/unlocked time"
},
"locked": {
"default": false,
"description": "Indicates whether a security policy should be locked. If the security policy is locked by a user, then no other user would be able to modify this security policy. Once the user releases the lock, other users can update this security policy.",
"required": false,
"title": "Lock a security policy",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_count": {
"description": "The count of rules in the policy.",
"readonly": true,
"title": "Rule count",
"type": "int"
},
"rules": {
"items": {
"$ref": "ForwardingRule
},
"required": false,
"title": "Rules that are a part of this ForwardingPolicy",
"type": "array"
},
"scheduler_path": {
"description": "Provides a mechanism to apply the rules in this policy for a specified time duration.",
"readonly": false,
"required": false,
"title": "Path to the scheduler for time based scheduling",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SECURITY_POLICY_SCHEDULER_RELATIONSHIP",
"rightType": [
"PolicyFirewallScheduler"
]
}
]
},
"scope": {
"description": "The list of group paths where the rules in this policy will get applied. This scope will take precedence over rule level scope. Supported only for security and redirection policies. In case of RedirectionPolicy, it is expected only when the policy is NS and redirecting to service chain.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"PolicyLabel"
]
},
{
"leftType": [
"RedirectionPolicy"
],
"relationshipType": "REDIRECTION_COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"Tier1",
"Tier0"
]
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between security policies across domains. In order to change the sequence number of a policy one can fire a POST request on the policy entity with a query parameter action=revise The sequence number field will reflect the value of the computed sequence number upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several security policies, the only way to set the sequence number is to explicitly specify the sequence number for each security policy. If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple policies with the same sequence number then their order is not deterministic. If a specific order of policies is desired, then one has to specify unique sequence numbers or use the POST request on the policy entity with a query parameter action=revise to let the framework assign a sequence number. The value of sequence number must be between 0 and 999,999.",
"minimum": 0,
"title": "Sequence number to resolve conflicts across Domains",
"type": "int"
},
"stateful": {
"description": "Stateful or Stateless nature of security policy is enforced on all rules in this security policy. When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Layer3 security policies can be stateful or stateless. By default, they are stateful. Layer2 security policies can only be stateless.",
"readonly": false,
"required": false,
"title": "Stateful nature of the entries within this security policy.",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_strict": {
"description": "Ensures that a 3 way TCP handshake is done before the data packets are sent. tcp_strict=true is supported only for stateful security policies. If the tcp_strict flag is not specified and the security policy is stateful, then tcp_strict will be set to true.",
"readonly": false,
"required": false,
"title": "Enforce strict tcp handshake before allowing data packets",
"type": "boolean"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Forwarding Policy\n",
"type": "object"
}
ForwardingPolicyListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListResult
},
"id": "ForwardingPolicyListResult",
"module_id": "PolicyForwarding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ForwardingPolicy
},
"required": true,
"title": "ForwardingPolicy list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of ForwardingPolicy objects",
"type": "object"
}
ForwardingRule (type)
{
"additionalProperties": false,
"description": "Forwarding rule that determine how to forward traffic from a VM. Traffic from VM can either be routed via Overlay or Underlay when VM is on hybrid port. Additionally NAT can be performed for VM or container on overlay to route traffic to/from underlay ROUTE_TO_UNDERLAY - Access a service on underlay space from a VM connected to hybrid port. Eg access to AWS S3 on AWS underlay ROUTE_TO_OVERLAY - Access a service on overlay space from a VM connected to hybrid port. ROUTE_FROM_UNDERLAY - Access a service hosted on a VM (that is connected to hybrid port) from underlay space. Eg access from AWS ELB to VM ROUTE_FROM_OVERLAY - Access a service hosted on a VM (that is connected to hybrid port) from overlay space NAT_FROM_UNDERLAY - Access a service on overlay VM/container from underlay space using DNAT from underlay IP to overlay IP NAT_TO_UNDERLAY - Access an underlay service from a VM/container on overlay space using SNAT from overlay IP to underlay IP",
"extends": {
"$ref": "BaseRule
},
"id": "ForwardingRule",
"module_id": "PolicyForwarding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"description": "The action to be applied to all the services",
"enum": [
"ROUTE_TO_UNDERLAY",
"ROUTE_TO_OVERLAY",
"ROUTE_FROM_UNDERLAY",
"ROUTE_FROM_OVERLAY",
"NAT_FROM_UNDERLAY",
"NAT_TO_UNDERLAY"
],
"required": false,
"title": "Action",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destination_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Destination group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"destinations_excluded": {
"default": false,
"description": "If set to true, the rule gets applied on all the groups that are NOT part of the destination groups. If false, the rule applies to the destination groups",
"readonly": false,
"required": false,
"title": "Negation of destination groups",
"type": "boolean"
},
"direction": {
"default": "IN_OUT",
"description": "Define direction of traffic.",
"enum": [
"IN",
"OUT",
"IN_OUT"
],
"required": false,
"title": "Direction",
"type": "string"
},
"disabled": {
"default": false,
"description": "Flag to disable the rule. Default is enabled.",
"readonly": false,
"required": false,
"title": "Flag to disable the rule",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_protocol": {
"description": "Type of IP packet that should be matched while enforcing the rule. The value is set to IPV4_IPV6 for Layer3 rule if not specified. For Layer2/Ether rule the value must be null.",
"enum": [
"IPV4",
"IPV6",
"IPV4_IPV6"
],
"readonly": false,
"required": false,
"title": "IPv4 vs IPv6 packet type",
"type": "string"
},
"is_default": {
"description": "A flag to indicate whether rule is a default rule.",
"readonly": true,
"required": false,
"title": "Default rule flag",
"type": "boolean"
},
"logged": {
"default": false,
"description": "Flag to enable packet logging. Default is disabled.",
"readonly": false,
"required": false,
"title": "Enable logging flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"notes": {
"description": "Text for additional notes on changes.",
"maxLength": 2048,
"readonly": false,
"required": false,
"title": "Text for additional notes on changes",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profiles": {
"description": "Holds the list of layer 7 service profile paths. These profiles accept attributes and sub-attributes of various network services (e.g. L4 AppId, encryption algorithm, domain name, etc) as key value pairs. Instead of Layer 7 service profiles you can use a L7 access profile. One of either Layer 7 service profiles or L7 Access Profile can be used in firewall rule. In case of L7 access profile only one is allowed.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Layer 7 service profiles or TLS action profile",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_CONTEXT_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyContextProfile"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_CONTEXT_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyContextProfile"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_IDS_PROFILE_RELATIONSHIP",
"rightType": [
"IdsProfile",
"IdsProfile"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_id": {
"description": "This is a unique 4 byte positive number that is assigned by the system. This rule id is passed all the way down to the data path. The first 1GB (1000 to 2^30) will be shared by GM and LM with zebra style striped number space. For E.g 1000 to (1Million -1) by LM, (1M - 2M-1) by GM and so on.",
"readonly": true,
"required": false,
"title": "Unique rule ID",
"type": "integer"
},
"scope": {
"description": "The list of policy paths where the rule is applied LR/Edge/T0/T1/LRP etc. Note that a given rule can be applied on multiple LRs/LRPs.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier0Interface",
"Tier1Interface",
"Tier0",
"Tier1",
"IPSecVpnSession",
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier1Interface",
"Tier0",
"Tier1Interface",
"Tier1",
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier1Interface",
"Tier0",
"Tier1Interface",
"Tier1",
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between multiple Rules under Security or Gateway Policy for a Domain If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple rules with the same sequence number then their order is not deterministic. If a specific order of rules is desired, then one has to specify unique sequence numbers or use the POST request on the rule entity with a query parameter action=revise to let the framework assign a sequence number",
"minimum": 0,
"required": false,
"title": "Sequence number of the this Rule",
"type": "int"
},
"service_entries": {
"description": "In order to specify raw services this can be used, along with services which contains path to services. This can be empty or null.",
"items": {
"$ref": "ServiceEntry
},
"maxItems": 128,
"required": false,
"title": "Raw services",
"type": "array"
},
"services": {
"description": "In order to specify all services, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the services array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Names of services",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"source_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Source group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"sources_excluded": {
"default": false,
"description": "If set to true, the rule gets applied on all the groups that are NOT part of the source groups. If false, the rule applies to the source groups",
"readonly": false,
"required": false,
"title": "Negation of source groups",
"type": "boolean"
},
"tag": {
"description": "User level field which will be printed in CLI and packet logs. Even though there is no limitation on length of a tag, internally tag will get truncated after 32 characters.",
"required": false,
"title": "Tag applied on the rule",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Forwarding rule",
"type": "object"
}
ForwardingRuleListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "RuleListRequestParameters
},
"id": "ForwardingRuleListRequestParameters",
"module_id": "PolicyForwarding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "ForwardingRule list request parameters",
"type": "object"
}
ForwardingRuleListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "BaseRuleListResult
},
"id": "ForwardingRuleListResult",
"module_id": "PolicyForwarding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ForwardingRule
},
"required": true,
"title": "Rule list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of ForwardingRules",
"type": "object"
}
FqdnAnalysisConfig (type)
{
"additionalProperties": false,
"description": "The type contains information about the configuration of the FqdnAnalysis feature for a specific node.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "FqdnAnalysisConfig",
"module_id": "PolicyUrlCategorization",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": false,
"description": "Property which specifies the enabling/disabling of the feature.",
"required": false,
"title": "Enabled",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "FQDN Analysis feature configuration entity",
"type": "object"
}
FullSyncInfo (type)
{
"description": "Represents details of the last full sync if full sync is not running, otherwise returns the status of current full sync.",
"id": "FullSyncInfo",
"module_id": "FederationObservability",
"properties": {
"data_streaming_from_source_end_time": {
"read_only": true,
"title": "End time of streaming full state from source",
"type": "integer"
},
"data_streaming_from_source_progress": {
"read_only": true,
"title": "Details about full sync on sender side",
"type": "string"
},
"data_streaming_from_source_start_time": {
"read_only": true,
"title": "Start time of streaming full state from source",
"type": "integer"
},
"end_time": {
"read_only": true,
"title": "Full sync end time",
"type": "integer"
},
"errors": {
"items": {
"type": "string"
},
"read_only": true,
"title": "Errors if any",
"type": "array"
},
"fullSyncId": {
"read_only": true,
"title": "Full sync id",
"type": "string"
},
"reason": {
"read_only": true,
"title": "Description of full sync reason",
"type": "string"
},
"reason_code": {
"description": "Full sync can happen for various internal reasons, as well user can request for one. The code provides the classification of possible reasons to start a full sync.",
"enum": [
"QUEUE_OVERFLOW_ON_TRANSMITTER",
"QUEUE_OVERFLOW_ON_RECEIVER",
"CONNECTION_RESTORED",
"LM_ONBOARDED",
"GM_SWITCHOVER",
"RESTORED_GM_FROM_BACKUP",
"RESTORED_LM_FROM_BACKUP",
"BROWNFIELD_CONFIG_MIGRATION_FROM_LM_TO_GM",
"GM_REQUESTED_OVERSIZED_PAYLOAD",
"GM_REQUESTED_SITE_ONBOARDING",
"GM_REQUESTED_OTHER",
"LM_REQUSTED_OVERSIZED_PAYLOAD",
"LM_REQUESTED_OTHER",
"USER_REQUSTED",
"OTHER_AR_INTERNAL",
"POST_UPGRADE_GM",
"POST_UPGRADE_LM",
"UNKNOWN"
],
"read_only": true,
"title": "Reason code for full sync",
"type": "string"
},
"receiver_end_time": {
"read_only": true,
"title": "End time of completing applying full state on receiver side",
"type": "integer"
},
"receiver_start_time": {
"read_only": true,
"title": "Start time of applying full state on receiver side",
"type": "integer"
},
"receiver_state": {
"description": "This is optional information, provides useful insights on receiver side once async channel hands over full state data to receiver.",
"read_only": true,
"title": "Internal receiver state",
"type": "string"
},
"receiver_time_to_apply_in_millis": {
"read_only": true,
"title": "Time taken by application receiver to apply the full state received",
"type": "integer"
},
"stage": {
"description": "This provides the insights into current full sync stage if in progress.",
"enum": [
"NOT_STARTED",
"REQUESTED_FULL_STATE_FROM_SOURCE",
"TRANSFERRING_FULL_STATE",
"COMPLETED_TRANSFERRING_FULL_STATE",
"DESTINATION_APPLYING_FULL_STATE",
"COMPLETED_SUCCESSFUL",
"TIMEOUT_ON_SOURCE_RECEIVE_FULL_STATE",
"TIMEOUT_ON_DESTINATION_APPLY",
"COMPLETED_FAILED"
],
"read_only": true,
"title": "Current stage details if full sync in progress",
"type": "string"
},
"start_time": {
"read_only": true,
"title": "Full sync start time",
"type": "integer"
},
"status": {
"enum": [
"NOT_STARTED",
"IN_PROGRESS",
"COMPLETED"
],
"read_only": true,
"title": "Full sync status",
"type": "string"
},
"warnings": {
"items": {
"type": "string"
},
"read_only": true,
"title": "Errors if any",
"type": "array"
}
},
"title": "Full sync details for the flow",
"type": "object"
}
FullSyncState (type)
{
"additionalProperties": false,
"description": "Provides FullSync state for Local Manager from Global Manager.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "FullSyncState",
"module_id": "PolicyFullSync",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"errors": {
"description": "Errors occurred during full sync.",
"items": {
"type": "string"
},
"readonly": true,
"title": "Errors occurred during full sync",
"type": "array"
},
"full_sync_id": {
"description": "Full sync id generated by Async Replicator (AR) service.",
"readonly": true,
"title": "Full sync id",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"last_completed_stage": {
"description": "The current stage of full sync completion for ongoing sync. When Local Manager (LM) receives full sync data from AR, LM starts with workflow to prserve the state and restore the full sync from where it has left off in case of change of leadership of the service to different NSX node or LM is restarted. LM starts the full sync workflow with state INITIAL capturing the AR full sync id and data location details. The stage/state transition follows the order given below INITIAL - Full sync started PROCESSED_FULLSYNC_DATA - Compelted processing the full state data provided by AR PRCESSED_DELTAS - Completed processing pending delta changes provided by AR. DELETED_STALE_ENTITIES - Completed deletion of all global entities on LM that are not in GM anymore COMPLETED - Full sync handling is completed on LM ERROR - Full sync failed with errors on LM, in which case AR will re-attempt full sync later point in time for the LM ABORTED - Indicates that the full sync cancelled as per user request",
"enum": [
"INITIAL",
"PAUSE_DCNS",
"DELETED_STALE_ENTITIES",
"PROCESSED_FULLSYNC_DATA",
"PROCESSED_DELTAS",
"UNPAUSE_DCNS",
"COMPLETED",
"ERROR",
"ABORTED"
],
"readonly": true,
"title": "Full sync stage that is last completed for this request.",
"type": "string"
},
"last_upate_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"deprecated": true,
"description": "Deprecated, refer to last_update_time for the last update time stamp.",
"readonly": true
},
"last_update_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last update, could be progress or success or error.",
"readonly": true
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"start_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of Full Sync start.",
"readonly": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Full sync state",
"type": "object"
}
FullSyncStateListResult (type)
{
"additionalProperties": false,
"description": "Paged Collection of FullSync states.",
"extends": {
"$ref": "ListResult
},
"id": "FullSyncStateListResult",
"module_id": "PolicyFullSync",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "FullSync states list.",
"items": {
"$ref": "FullSyncState
},
"required": true,
"title": "FullSync states list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of FullSync states.",
"type": "object"
}
FullSyncStatus (type)
{
"id": "FullSyncStatus",
"module_id": "SiteManagerModule",
"properties": {
"completed_at": {
"required": true,
"title": "Time at which the full sync was completed.",
"type": "string"
},
"snapshot_version": {
"required": true,
"title": "Snapshot version targeted by full sync.",
"type": "string"
},
"status": {
"enum": [
"UNAVAILABLE",
"ERROR",
"ONGOING",
"COMPLETE",
"NOT_STARTED"
],
"required": true,
"title": "Status of full sync.",
"type": "string"
},
"sync_id": {
"required": true,
"title": "Identifier for the full sync.",
"type": "string"
},
"sync_type": {
"enum": [
"UNAVAILABLE",
"STANDARD",
"FORCED"
],
"required": true,
"title": "Type of full sync.",
"type": "string"
}
},
"type": "object"
}
GatewayFloodProtectionProfile (type)
{
"additionalProperties": false,
"extends": {
"$ref": "FloodProtectionProfile
},
"id": "GatewayFloodProtectionProfile",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"type-identifier": "GatewayFloodProtectionProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"icmp_active_flow_limit": {
"description": "If this field is empty, firewall will not set a limit to active ICMP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Active ICMP connections limit",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"nat_active_conn_limit": {
"default": 4294967295,
"description": "The maximum limit of active NAT connections. This limit only apply to EDGE components (such as, gateway). If this property is omitted, or set to null, then there is no limit on the specific component. Meanwhile there is an implicit limit which depends on the underlying hardware resource.",
"maximum": 4294967295,
"minimum": 1,
"readonly": false,
"title": "Maximum limit of active NAT connections",
"type": "integer"
},
"other_active_conn_limit": {
"description": "If this field is empty, firewall will not set a limit to other active connections. besides UDP, ICMP and half open TCP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Timeout after first TN",
"type": "integer"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"$ref": "FloodProtectionProfileResourceType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_half_open_conn_limit": {
"description": "If this field is empty, firewall will not set a limit to half open TCP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Active half open TCP connections limit",
"type": "integer"
},
"udp_active_flow_limit": {
"description": "If this field is empty, firewall will not set a limit to active UDP connections.",
"maximum": 1000000,
"minimum": 1,
"title": "Active UDP connections limit",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"type": "object"
}
GatewayGeneralSecurityProfile (type)
{
"additionalProperties": false,
"extends": {
"$ref": "GeneralSecurityProfile
},
"id": "GatewayGeneralSecurityProfile",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"type-identifier": "GatewayGeneralSecurityProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_double_flow": {
"default": false,
"description": "The flag to indicate double flow check is enabled or not. This option applies only to EDGE components.",
"readonly": false,
"title": "Flag to indicate double flow check is enabled or not",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"$ref": "GeneralSecurityProfileResourceType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"type": "object"
}
GatewayPolicy (type)
{
"extends": {
"$ref": "Policy
},
"id": "GatewayPolicy",
"module_id": "Policy",
"policy_hierarchical_children": [
"ChildRule"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"category": {
"description": "- Distributed Firewall - Policy framework provides five pre-defined categories for classifying a security policy. They are \"Ethernet\",\"Emergency\", \"Infrastructure\" \"Environment\" and \"Application\". There is a pre-determined order in which the policy framework manages the priority of these security policies. Ethernet category is for supporting layer 2 firewall rules. The other four categories are applicable for layer 3 rules. Amongst them, the Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a security policy into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four categories. - Edge Firewall - Policy Framework for Edge Firewall provides six pre-defined categories \"Emergency\", \"SystemRules\", \"SharedPreRules\", \"LocalGatewayRules\", \"AutoServiceRules\" and \"Default\", in order of priority of rules. All categories are allowed for Gatetway Policies that belong to 'default' Domain. However, for user created domains, category is restricted to \"SharedPreRules\" or \"LocalGatewayRules\" only. Also, the users can add/modify/delete rules from only the \"SharedPreRules\" and \"LocalGatewayRules\" categories. If user doesn't specify the category then defaulted to \"Rules\". System generated category is used by NSX created rules, for example BFD rules. Autoplumbed category used by NSX verticals to autoplumb data path rules. Finally, \"Default\" category is the placeholder default rules with lowest in the order of priority.",
"required": false,
"title": "A way to classify a security policy, if needed.",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"comments": {
"description": "Comments for security policy lock/unlock.",
"readonly": false,
"required": false,
"title": "SecurityPolicy lock/unlock comments",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"internal_sequence_number": {
"description": "This field is to indicate the internal sequence number of a policy with respect to the policies across categories.",
"readonly": true,
"title": "Internal sequence number",
"type": "int"
},
"is_default": {
"description": "A flag to indicate whether policy is a default policy.",
"readonly": true,
"required": false,
"title": "Default policy flag",
"type": "boolean"
},
"lock_modified_by": {
"description": "ID of the user who last modified the lock for the secruity policy.",
"readonly": true,
"required": false,
"title": "User who locked the security policy",
"type": "string"
},
"lock_modified_time": {
"$ref": "EpochMsTimestamp,
"description": "SecurityPolicy locked/unlocked time in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "SecuirtyPolicy locked/unlocked time"
},
"locked": {
"default": false,
"description": "Indicates whether a security policy should be locked. If the security policy is locked by a user, then no other user would be able to modify this security policy. Once the user releases the lock, other users can update this security policy.",
"required": false,
"title": "Lock a security policy",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_count": {
"description": "The count of rules in the policy.",
"readonly": true,
"title": "Rule count",
"type": "int"
},
"rules": {
"items": {
"$ref": "Rule
},
"required": false,
"title": "Rules that are a part of this SecurityPolicy",
"type": "array"
},
"scheduler_path": {
"description": "Provides a mechanism to apply the rules in this policy for a specified time duration.",
"readonly": false,
"required": false,
"title": "Path to the scheduler for time based scheduling",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SECURITY_POLICY_SCHEDULER_RELATIONSHIP",
"rightType": [
"PolicyFirewallScheduler"
]
}
]
},
"scope": {
"description": "The list of group paths where the rules in this policy will get applied. This scope will take precedence over rule level scope. Supported only for security and redirection policies. In case of RedirectionPolicy, it is expected only when the policy is NS and redirecting to service chain.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"PolicyLabel"
]
},
{
"leftType": [
"RedirectionPolicy"
],
"relationshipType": "REDIRECTION_COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"Tier1",
"Tier0"
]
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between security policies across domains. In order to change the sequence number of a policy one can fire a POST request on the policy entity with a query parameter action=revise The sequence number field will reflect the value of the computed sequence number upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several security policies, the only way to set the sequence number is to explicitly specify the sequence number for each security policy. If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple policies with the same sequence number then their order is not deterministic. If a specific order of policies is desired, then one has to specify unique sequence numbers or use the POST request on the policy entity with a query parameter action=revise to let the framework assign a sequence number. The value of sequence number must be between 0 and 999,999.",
"minimum": 0,
"title": "Sequence number to resolve conflicts across Domains",
"type": "int"
},
"stateful": {
"description": "Stateful or Stateless nature of security policy is enforced on all rules in this security policy. When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Layer3 security policies can be stateful or stateless. By default, they are stateful. Layer2 security policies can only be stateless.",
"readonly": false,
"required": false,
"title": "Stateful nature of the entries within this security policy.",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_strict": {
"description": "Ensures that a 3 way TCP handshake is done before the data packets are sent. tcp_strict=true is supported only for stateful security policies. If the tcp_strict flag is not specified and the security policy is stateful, then tcp_strict will be set to true.",
"readonly": false,
"required": false,
"title": "Enforce strict tcp handshake before allowing data packets",
"type": "boolean"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Contains ordered list of Rules for GatewayPolicy",
"type": "object"
}
GatewayPolicyListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListResult
},
"id": "GatewayPolicyListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "GatewayPolicy
},
"required": true,
"title": "GatewayPolicy list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of gateway policies",
"type": "object"
}
GatewayQosProfile (type)
{
"additionalProperties": false,
"description": "QoS profile contains configuration of rate limiting properties which can be applied in ingress and egress directions at Tier1 gateways",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "GatewayQosProfile",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"burst_size": {
"default": 1,
"description": "Burst size in bytes.",
"minimum": 1,
"title": "Burst size in bytes",
"type": "int"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"committed_bandwidth": {
"default": 1,
"description": "Committed bandwidth in both directions specified in Mbps. Bandwidth is limited to line rate when the value configured is greater than line rate.",
"minimum": 1,
"title": "Committed bandwidth in Mbps",
"type": "int"
},
"committed_bandwitdth": {
"default": 1,
"deprecated": true,
"description": "Committed bandwidth in both directions specified in Mbps. Bandwidth is limited to line rate when the value configured is greater than line rate. This property is deprecated, use committed_bandwidth instead.",
"minimum": 1,
"title": "Committed bandwidth in Mbps",
"type": "int"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"excess_action": {
"description": "Action on traffic exceeding bandwidth.",
"enum": [
"DROP"
],
"required": false,
"title": "Action on traffic exceeding bandwidth.",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "QoS configuration of Tier1 gateway",
"type": "object"
}
GatewayQosProfileConfig (type)
{
"additionalProperties": false,
"id": "GatewayQosProfileConfig",
"module_id": "PolicyConnectivity",
"properties": {
"egress_qos_profile_path": {
"description": "Policy path to gateway QoS profile in egress direction.",
"required": false,
"title": "Egress QoS profile",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier1"
],
"relationshipType": "GATEWAY_QOS_PROFILE_RELATIONSHIP",
"rightType": [
"GatewayQosProfile"
]
}
]
},
"ingress_qos_profile_path": {
"description": "Policy path to gateway QoS profile in ingress direction.",
"required": false,
"title": "Ingress QoS profile",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier1"
],
"relationshipType": "GATEWAY_QOS_PROFILE_RELATIONSHIP",
"rightType": [
"GatewayQosProfile"
]
}
]
}
},
"title": "Gateway QoS profile configuration",
"type": "object"
}
GatewayQosProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "GatewayQosProfileListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "GatewayQosProfile
},
"required": true,
"title": "Paginated list of GatewayQosProfile",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
GatewayRouteCsvRecord (type)
{
"extends": {
"$ref": "CsvRecord
},
"id": "GatewayRouteCsvRecord",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"admin_distance": {
"required": false,
"title": "The admin distance of the next hop",
"type": "integer"
},
"edge_path": {
"description": "Edge node policy path.",
"readonly": true,
"title": "Edge path",
"type": "string"
},
"interface": {
"required": false,
"title": "The policy path of the interface which is used as the next hop",
"type": "string"
},
"lr_component_id": {
"required": false,
"title": "Logical router component(Service Router/Distributed Router) id",
"type": "string"
},
"lr_component_type": {
"required": false,
"title": "Logical router component(Service Router/Distributed Router) type",
"type": "string"
},
"network": {
"$ref": "IPCIDRBlock,
"required": true,
"title": "CIDR network address"
},
"next_hop": {
"$ref": "IPAddress,
"required": false,
"title": "The IP of the next hop"
},
"route_type": {
"required": true,
"title": "Route type (USER, CONNECTED, NSX_INTERNAL,..)",
"type": "string"
}
},
"type": "object"
}
GatewayRouteTableInCsvFormat (type)
{
"extends": {
"$ref": "CsvListResult
},
"id": "GatewayRouteTableInCsvFormat",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"results": {
"items": {
"$ref": "GatewayRouteCsvRecord
},
"required": false,
"type": "array"
}
},
"type": "object"
}
GeneralSecurityProfile (type)
{
"abstract": true,
"additionalProperties": false,
"description": "A profile holding general security settings.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "GeneralSecurityProfile",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"$ref": "GeneralSecurityProfileResourceType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "General Security profile",
"type": "object"
}
GeneralSecurityProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between General Security profile and Logical Routers.",
"extends": {
"$ref": "ProfileBindingMap
},
"id": "GeneralSecurityProfileBindingMap",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"type-identifier": "GeneralSecurityProfileBindingMap"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profile_path": {
"description": "PolicyPath of associated Profile",
"required": true,
"title": "Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GroupDiscoveryProfileBindingMap"
],
"relationshipType": "GROUP_BINDINGMAP_IPDISCOVERY_PROFILE_RELATIONSHIP",
"rightType": [
"IPDiscoveryProfile"
]
},
{
"leftType": [
"PolicyFirewallFloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"FloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"PolicyFirewallCPUMemThresholdsProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FirewallCPUMemoryThresholdsProfile"
]
},
{
"leftType": [
"SessionTimerProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyFirewallSessionTimerProfile"
]
},
{
"leftType": [
"DnsSecurityProfileBindingMap"
],
"relationshipType": "DNS_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"DnsSecurityProfile"
]
},
{
"leftType": [
"GeneralSecurityProfileBindingMap"
],
"relationshipType": "GATEWAY_GENERAL_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"GeneralSecurityProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy General Security profile binding map",
"type": "object"
}
GeneralSecurityProfileResourceType (type)
{
"additionalProperties": false,
"description": "GatewayGeneralSecurityProfile is used for all Tier0 and Tier1 gateways.",
"enum": [
"GatewayGeneralSecurityProfile"
],
"id": "GeneralSecurityProfileResourceType",
"module_id": "PolicyProfile",
"title": "Resource types of General Security profiles",
"type": "string"
}
GenericDhcpOption (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Define DHCP options other than option 121.",
"id": "GenericDhcpOption",
"module_id": "Dhcp",
"properties": {
"code": {
"description": "Code of the dhcp option.",
"maximum": 255,
"minimum": 0,
"required": true,
"title": "DHCP option code, [0-255]",
"type": "integer"
},
"values": {
"description": "Value of the option.",
"items": {
"type": "string"
},
"maxItems": 10,
"minItems": 1,
"required": true,
"title": "DHCP option value",
"type": "array"
}
},
"title": "Generic DHCP option",
"type": "object"
}
GenericPolicyRealizedResource (type)
{
"description": "Represents realized entity",
"extends": {
"$ref": "PolicyRealizedResource
},
"id": "GenericPolicyRealizedResource",
"module_id": "PolicyRealizedState",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alarms": {
"items": {
"$ref": "PolicyAlarmResource
},
"required": false,
"title": "Alarm info detail",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point.",
"readonly": true,
"title": "Enforcement Point Path",
"type": "string"
},
"entity_type": {
"readonly": true,
"title": "Type of realized entity",
"type": "string"
},
"extended_attributes": {
"items": {
"$ref": "AttributeVal
},
"readonly": true,
"required": false,
"title": "Collection of type specific properties",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"intent_paths": {
"items": {
"type": "string"
},
"readonly": true,
"title": "Collection of intent paths",
"type": "array"
},
"intent_reference": {
"items": {
"type": "string"
},
"required": false,
"title": "Desire state paths of this object",
"type": "array"
},
"operational_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, FAILURE This list is not exhaustive.",
"required": false,
"title": "String representation of operational status",
"type": "string"
},
"operational_status_error": {
"description": "It defines the root cause for operational status error.",
"required": false,
"title": "String representation of operational status error",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"publish_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, SUCCESS This list is not exhaustive.",
"required": false,
"title": "String representation of publish status",
"type": "string"
},
"publish_status_error": {
"description": "It defines the root cause for publish status error.",
"required": false,
"title": "String representation of publish status error",
"type": "string"
},
"publish_status_error_code": {
"description": "It defines error code for publish status error.",
"required": false,
"title": "Represents error code for publish status.",
"type": "int"
},
"publish_status_error_details": {
"description": "Error details for publish status.",
"items": {
"$ref": "ConfigurationStateElement
},
"required": false,
"title": "Details for publich status error.",
"type": "array"
},
"realization_api": {
"required": false,
"title": "Realization API of this object on enforcement point",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"realization_specific_identifier": {
"required": false,
"title": "Realization id of this object",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"runtime_error": {
"description": "It define the root cause for runtime error.",
"required": false,
"title": "String representation of runtime error",
"type": "string"
},
"runtime_status": {
"deprecated": true,
"description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.",
"required": false,
"title": "String representation of runtime status",
"type": "string"
},
"site_path": {
"description": "The site where this entity resides.",
"readonly": true,
"title": "Site Path",
"type": "string"
},
"state": {
"enum": [
"UNAVAILABLE",
"UNREALIZED",
"REALIZED",
"ERROR"
],
"required": true,
"title": "Realization state of this object",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Generic realized entity",
"type": "object"
}
GenericPolicyRealizedResourceListResult (type)
{
"additionalProperties": false,
"description": "GenericPolicyRealizedResource list result",
"extends": {
"$ref": "ListResult
},
"id": "GenericPolicyRealizedResourceListResult",
"module_id": "PolicyRealizedState",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of realized resources",
"items": {
"$ref": "GenericPolicyRealizedResource
},
"required": false,
"title": "Paged Collection of GenericPolicyRealizedResources",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "GenericPolicyRealizedResource list result",
"type": "object"
}
GetBackupUiFramesInfoRequestParameters (type)
{
"extends": {
"$ref": "ListRequestParameters
},
"id": "GetBackupUiFramesInfoRequestParameters",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"ui_tab_type": {
"default": "LOCAL_MANAGER_TAB",
"enum": [
"LOCAL_MANAGER_TAB",
"GLOBAL_MANAGER_TAB"
],
"readonly": true,
"required": false,
"type": "string"
}
},
"type": "object"
}
GetCertParameter (type)
{
"additionalProperties": false,
"id": "GetCertParameter",
"module_id": "CertificateManager",
"properties": {
"details": {
"default": false,
"required": false,
"title": "whether to expand the pem data and show all its details",
"type": "boolean"
}
},
"type": "object"
}
GetSNMPParameters (type)
{
"additionalProperties": false,
"description": "Get SNMP request parameters.",
"id": "GetSNMPParameters",
"properties": {
"show_sensitive_data": {
"default": false,
"description": "Whether to show SNMP service properties including community strings if any applicable.",
"required": false,
"title": "Show SNMP sensitive data or not",
"type": "boolean"
}
},
"title": "Get SNMP request parameters",
"type": "object"
}
GlobalCollectorConfig (type)
{
"abstract": true,
"description": "The GlobalCollectorConfig is the base class for global collector configurations for different types in a NSX domain.",
"id": "GlobalCollectorConfig",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "collector_type"
},
"properties": {
"collector_ip": {
"$ref": "IPAddress,
"description": "IP address for the global collector.",
"required": true,
"title": "IP address for the global collector collector"
},
"collector_port": {
"description": "Port for the global collector.",
"maximum": 65535,
"minimum": 0,
"required": true,
"title": "Port for the global collector",
"type": "int"
},
"collector_type": {
"$ref": "GlobalCollectorType,
"description": "Specify the global collector type.",
"required": true
}
},
"title": "Abstract base type for Global collector configurations of different types",
"type": "object"
}
GlobalCollectorType (type)
{
"enum": [
"VRNI",
"WAVE_FRONT"
],
"id": "GlobalCollectorType",
"module_id": "Policy",
"title": "Valid Global collector types",
"type": "string"
}
GlobalConfig (type)
{
"additionalProperties": false,
"description": "Global configuration",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "GlobalConfig",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"allow_changing_vdr_mac_in_use": {
"default": false,
"description": "When this flag is set to true, it is allowed to change the VDR MAC being used by existing transport nodes in a NSX system. The VDR MAC used by a host switch in a transport node is decided by the OVERLAY transport zone(s) which the host switch joins. If any of the OVERLAY transport zone(s) has \"nested_nsx\" property set to true, the MAC in \"vdr_mac_nested\" is used; otherwise the MAC in \"vdr_mac\" is used. Thus the VDR MAC being used by a host switch in a transport node can be changed in below ways. If the host switch is not in any OVERLAY transport zone whose \"nested_nsx\" property is true but is in an OVERLAY transport zone, the first way is updating the \"vdr_mac\" property. The 2nd way is updating one of the OVERLAY tranport zones joined by the host switch to set \"nested_nsx\" property true which will make the host switch use the VDR MAC in \"vdr_mac_nested\". The third way is directly updating the transport node to add an OVERLAY transport zone whose \"nested_nsx\" property is true into the host switch which will also make the host switch use the VDR MAC in \"vdr_mac_nested\". If the host switch is in some OVERLAY transport zone(s) whose \"nested_nsx\" property is true, the first way is updating the \"vdr_mac_nested\" property. The 2nd way is updating all those OVERLAY tranport zones to set \"nested_nsx\" property false which will make the host switch use the VDR MAC in \"vdr_mac\". The third way is directly updating the transport node to remove all those OVERLAY transport zones from the host switch which will also make the host switch use the VDR MAC in \"vdr_mac\". Please note that changing the VDR MAC being used by existing transport nodes will most likely cause traffic disruption and network outage!",
"title": "A flag to indicate if changing the VDR MAC being used is allowed",
"type": "boolean"
},
"arp_limit_per_gateway": {
"Default": 50000,
"description": "Global configuration of maximum number of ARP entries per transport node at each Tier0/Tier1 gateway.",
"maximum": 50000,
"minimum": 5000,
"title": "ARP limit per Tier0/Tier1 gateway",
"type": "int"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_gateway_bfd": {
"$ref": "ExternalGatewayBfdConfig,
"description": "Configuration for BFD session between host nodes and external gateways. If this configuration is not provided, system defaults are applied.",
"title": "External Bidirectional Flow Detection configuration"
},
"fips": {
"$ref": "FIPSGlobalConfig,
"description": "Contains the FIPSGlobalConfig object.",
"required": false,
"title": "FIPS enabled config"
},
"global_replication_mode_enabled": {
"default": false,
"description": "When this flag is set true, certain types of BUM packets will be sent to all VTEPs in the global VTEP table, ignoring the logical switching span.",
"title": "A flag to indicate if global replication mode is enabled",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"l3_forwarding_mode": {
"default": "IPV4_ONLY",
"description": "Configure forwarding mode for routing. This setting does not restrict configuration for other modes.",
"enum": [
"IPV4_ONLY",
"IPV4_AND_IPV6"
],
"required": false,
"title": "L3 forwarding mode",
"type": "string"
},
"lb_ecmp": {
"default": false,
"description": "Flag to enable/disable ECMP load balancing. By default ECMP load balancing is disabled.",
"title": "Flag for controlling equal-cost multi-path(ECMP) load balancing.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"mtu": {
"description": "Maximum transmission unit (MTU) specifies the size of the largest packet that a network protocol can transmit. This is the global default MTU for all the EXTERNAL (uplink) and SERVICE (CSP) interfaces in the NSX domain. There is no option to override this value at the transport zone level or transport node level.",
"minimum": 1280,
"required": false,
"title": "MTU size",
"type": "int"
},
"operation_collectors": {
"deprecated": true,
"description": "This property is a part of OpsGlobalConfig object. Use /infra/ops-global-config instead. The VRNI and WAVE_FRONT collector type can be defined to collect the metric data. The WAVE_FRONT collector type can only be used in VMC mode.",
"items": {
"$ref": "GlobalCollectorConfig
},
"required": false,
"title": "Operation global collector config",
"type": "array"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"physical_uplink_mtu": {
"default": 1700,
"description": "This is the global default MTU for all the physical uplinks in a NSX domain. This is the default value for the optional uplink profile MTU field. When the MTU value is not specified in the uplink profile, this global value will be used. This value can be overridden by providing a value for the optional MTU field in the uplink profile. Whenever this value is updated, the updated value will only be propagated to the uplinks that don't have the MTU value in their uplink profiles. If this value is not set, the default value of 1700 will be used. The Transport Node state can be monitored to confirm if the updated MTU value has been realized.",
"readonly": false,
"title": "MTU for the physical uplinks",
"type": "int"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_tunnel_physical_mtu": {
"default": 1700,
"description": "This is the global default MTU for all the physical remote tunnel endpoints in an NSX domain. Please consider intersite link MTU minus any external overhead when defining the MTU. If this value is not set, the default value of 1500 will be used.",
"readonly": false,
"title": "The physical MTU for the remote tunnel endpoints",
"type": "int"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"uplink_mtu_threshold": {
"default": 9000,
"description": "This value defines the upper threshold for the Maximum Transmission Unit (MTU) value that can be configured at a physical uplink level or a logical routing uplink level in a NSX domain. All Uplink profiles validate against this value so that the MTU specified in an Uplink profile does not exceed this global upper threshold. Similarly, when this value is modified, the new value must be greater than or equal to any existing Uplink profile's MTU.",
"required": false,
"title": "Upper threshold for MTU on physical and logical uplinks",
"type": "int"
},
"vdr_mac": {
"$ref": "MACAddress,
"default": "02:50:56:56:44:52",
"description": "This is the global default MAC address for all VDRs in all transport nodes in a NSX system. It can be changed only when there is no transport node in the NSX system. This value cannot be same as vdr_mac_nested. When the property \"allow_changing_vdr_mac_in_use\" is false, it can not be changed if the current VDR MAC is being used by any transport node. A transport node uses this VDR MAC if any host switch in the node is in OVERLAY transport zone(s) but none of the transport zone(s) has \"nested_nsx\" property being true.",
"title": "MAC address of the Virtual Distributed Router (VDR) port"
},
"vdr_mac_nested": {
"$ref": "MACAddress,
"default": "02:50:56:56:44:53",
"description": "This is the global default MAC address for all VDRs in all transport nodes in a NSX system nested in another NSX system. It can be changed only when there is no transport node in the NSX system. All transport zones in such a nested NSX system will have the \"nested_nsx\" property being true so that all transport nodes will use this MAC for the VDR ports to avoid conflict with the VDR MAC in the outer NSX system. When the property \"allow_changing_vdr_mac_in_use\" is false, it can not be changed if the current VDR MAC is being used by any transport node in a nested NSX environment. A transport node uses this VDR MAC if any host switch in the node is in an OVERLAY transport zone whose \"nested_nsx\" property is true.",
"title": "The MAC address of the Virtual Distributed Router (VDR) port in a nested NSX environment."
}
},
"title": "Global configuration",
"type": "object"
}
GlobalIdsSignature (type)
{
"additionalProperties": false,
"description": "Global IDS signature.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "GlobalIdsSignature",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"description": "It denotes the global action of a IDS Signature. This will take precedence over IDS signature's action.",
"enum": [
"ALERT",
"DROP",
"REJECT"
],
"title": "Global IDS signature's action",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable": {
"default": true,
"description": "Flag through which user can Enable/Disable a Signature at Global Level.",
"title": "Flag to Enable/Disable a IDS Signature globally.",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"signature_id": {
"description": "Represents the Signature's id.",
"required": true,
"title": "Signature ID",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Global IDS signature",
"type": "object"
}
GlobalManager (type)
{
"additionalProperties": false,
"description": "Global Manager.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "GlobalManager",
"module_id": "PolicySiteGM",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"connection_info": {
"description": "To create a standby GM, the connection information (username, password, and API thumbprint) for at least one NSX manager node in the remote site must be provided. Once the GM has been successfully onboarded, the connection_info is discarded and authentication to the standby GM occurs using an X.509 client certificate.",
"items": {
"$ref": "SiteNodeConnectionInfo
},
"maxItems": 3,
"title": "Connection information",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"fail_if_rtt_exceeded": {
"default": true,
"description": "Fail onboarding if maximum RTT exceeded.",
"title": "Fail onboarding if maximum RTT exceeded",
"type": "boolean"
},
"federation_id": {
"description": "Internally generated UUID to the federation of Global Manager.",
"readonly": true,
"title": "Global manager federation UUID",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"maximum_rtt": {
"default": 250,
"description": "If provided and fail_if_rtt_exceeded is true, onboarding of the site will fail if measured RTT is greater than this value.",
"maximum": 1000,
"minimum": 0,
"title": "Maximum acceptable packet round trip time (RTT)",
"type": "integer"
},
"mode": {
"description": "There can be at most one ACTIVE global manager and one STANDBY global manager. In order to add a STANDBY manager, there must be an ACTIVE manager defined.",
"enum": [
"ACTIVE",
"STANDBY"
],
"required": true,
"title": "Mode of the global manager",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"site_id": {
"description": "UUID of the site where Global manager is running. This is the Site Manager generated UUID for every NSX deployment.",
"readonly": true,
"title": "UUID of the site where Global manager is running",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Global Manager",
"type": "object"
}
GlobalManagerConfig (type)
{
"additionalProperties": false,
"description": "This configuration is distributed to all Sites participating in federation.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "GlobalManagerConfig",
"module_id": "PolicySiteGM",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rtep_config": {
"$ref": "GmRtepConfig,
"description": "Global Manager federation RTEP configuration. This configuration is distributed to all Sites participating in federation.",
"required": false,
"title": "Global Manager federation RTEP configuration"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Global Manager configuration",
"type": "object"
}
GlobalManagerListRequestParameters (type)
{
"additionalProperties": false,
"description": "Site list request parameters.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "GlobalManagerListRequestParameters",
"module_id": "PolicySiteGM",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Site List Request Parameters",
"type": "object"
}
GlobalManagerListResult (type)
{
"additionalProperties": false,
"description": "Paged Collection of Global Managers.",
"extends": {
"$ref": "ListResult
},
"id": "GlobalManagerListResult",
"module_id": "PolicySiteGM",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Global Manager List Result.",
"items": {
"$ref": "GlobalManager
},
"required": true,
"title": "Global Manager List Result",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Global Managers",
"type": "object"
}
GlobalManagerSwitchOverRequestParameter (type)
{
"description": "Parameter to force switch over from Standby to Active.",
"id": "GlobalManagerSwitchOverRequestParameter",
"module_id": "PolicySiteGM",
"properties": {
"force": {
"description": "If true indicates that user requested make standby Global Manager as active ignoring the state of current active Global Manager. Typically, recommended to use when active Global Manager is failed or not reachable.",
"title": "Indciates force switchover to Active",
"type": "boolean"
}
},
"title": "Parameter to force switchover",
"type": "object"
}
GlobalRestoreStatus (type)
{
"id": "GlobalRestoreStatus",
"module_id": "ClusterRestore",
"properties": {
"description": {
"readonly": true,
"required": true,
"title": "A description of the restore status",
"type": "string"
},
"value": {
"enum": [
"INITIAL",
"SUCCESS",
"FAILED",
"RUNNING",
"SUSPENDED_BY_USER",
"SUSPENDED_FOR_USER_ACTION",
"SUSPENDED",
"ABORTED"
],
"readonly": true,
"required": true,
"title": "Global rolled-up restore status value",
"type": "string"
}
},
"title": "Overall restore process status",
"type": "object"
}
GmConfigOnboardingConflictEntityInfo (type)
{
"description": "Conflicting Entity information on GM.",
"id": "GmConfigOnboardingConflictEntityInfo",
"module_id": "GmConfigOnboarding",
"properties": {
"error_messages": {
"$ref": "ConfigOnboardingError,
"readonly": true,
"required": false
},
"example": {
"$ref": "OnboardingFeatureInfo,
"description": "Conflict example",
"readonly": true,
"required": false,
"title": "Conflict example"
}
},
"title": "GM config Onboarding Conflicting Entity Info",
"type": "object"
}
GmFederationSiteConfig (type)
{
"additionalProperties": false,
"description": "Additional configuration required for federation at Site.",
"id": "GmFederationSiteConfig",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"transit_subnet": {
"description": "IP Addresses to be allocated for transit segment when the gateway is stretched. Note that Global Manager will carve out the IP Pool for each site to be used for edge nodes when gateway is stretched based on the user provided subnet and maximum number of edge nodes allowed per site.",
"format": "ip-cidr-block",
"readlony": true,
"title": "Transit subnet in CIDR format",
"type": "string"
}
},
"title": "Federation configuration for the site",
"type": "object"
}
GmNodeStatus (type)
{
"id": "GmNodeStatus",
"module_id": "GmOperationalState",
"properties": {
"end_time": {
"read_only": true,
"title": "End time of the switchover operation",
"type": "integer"
},
"errors": {
"items": {
"type": "string"
},
"read_only": true,
"title": "Errors if any",
"type": "array"
},
"node_id": {
"read_only": true,
"title": "UUID of the Global Manager node",
"type": "string"
},
"start_time": {
"read_only": true,
"title": "Start time of the switchover operation",
"type": "integer"
},
"status": {
"enum": [
"IN_PROGRESS",
"COMPLETED",
"FAILED"
],
"read_only": true,
"title": "Status of switchover operation",
"type": "string"
},
"warnings": {
"items": {
"type": "string"
},
"read_only": true,
"title": "Errors if any",
"type": "array"
}
},
"title": "Represents the Global Manager node switchover status",
"type": "object"
}
GmOperationalState (type)
{
"description": "Represents the switchover operational state of Global Manager. Offers information about the current switchover operation including status from each Global Manager node and the errors if any.",
"id": "GmOperationalState",
"module_id": "GmOperationalState",
"properties": {
"consolidated_progress": {
"enum": [
"IN_PROGRESS",
"COMPLETED",
"FAILED"
],
"read_only": true,
"title": "Consolidated status of the current operation",
"type": "string"
},
"end_time": {
"read_only": true,
"title": "End time of the switchover operation",
"type": "integer"
},
"errors": {
"items": {
"type": "string"
},
"read_only": true,
"title": "Errors if any",
"type": "array"
},
"node_statuses": {
"items": {
"$ref": "GmNodeStatus
},
"read_only": true,
"title": "Switchover status from each NSX Global Manager appliance node",
"type": "array"
},
"site_manager_ref": {
"read_only": true,
"title": "Timestamp reference for the change provided by SiteManager",
"type": "integer"
},
"start_time": {
"read_only": true,
"title": "Start time of the switchover operation",
"type": "integer"
},
"status": {
"enum": [
"NONE",
"ACTIVE",
"STANDBY",
"SWITCHING_TO_ACTIVE",
"SWITCHING_TO_STANDBY",
"DECOMMISSIONED"
],
"read_only": true,
"required": true,
"title": "The current switchover operation requested.",
"type": "string"
},
"warnings": {
"items": {
"type": "string"
},
"read_only": true,
"title": "Errors if any",
"type": "array"
}
},
"title": "Represents the operational state of Global Manager",
"type": "object"
}
GmRtepConfig (type)
{
"additionalProperties": false,
"description": "Global Manager federation RTEP configuration. This configuration is distributed to all Sites participating in federation.",
"id": "GmRtepConfig",
"module_id": "PolicySiteGM",
"properties": {
"ibgp_password": {
"description": "Password to authenticate IBGP session between remote tunnel endpoints created on federated sites. This is applied to inter-site underlay IBGP neighbors created over remote tunnel endpoints on all sites. Empty string (\"\") clears existing password.",
"maxLength": 20,
"required": false,
"sensitive": true,
"title": "Password for IBGP sessions between federated sites",
"type": "string"
}
},
"title": "Global Manager federation RTEP configuration",
"type": "object"
}
GraphConfiguration (type)
{
"additionalProperties": false,
"description": "Represents configuration of a graph widget",
"extends": {
"$ref": "WidgetConfiguration
},
"id": "GraphConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "GraphConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"axes": {
"$ref": "Axes,
"desription": "Represents the Axes of a graph. If axes is not specified, labels are not applied to the axes.",
"title": "Axes of a graph"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"display_x_value": {
"default": false,
"description": "If true, value of a point is shown as label on X axis. If false, value of point is not shown as label on X axis. false can be useful in situations where there are too many points and showing the X value as label can clutter the X axis.",
"title": "Show or hide the value of a point on X axis",
"type": "boolean"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"feature_set": {
"$ref": "FeatureSet,
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer
},
"graphs": {
"decription": "Array of graphs to be plotted on the Axes. If more than 1 graph needs to be shown on the same axes, each graph will be distinguished by its color and legend.",
"items": {
"$ref": "GraphDefinition
},
"minItems": 1,
"required": true,
"title": "Graphs",
"type": "array"
},
"graphs_colors": {
"description": "An array of graphs colors which will be applied to each graph seperately. if number of provided colors are smaller than number of graph in the widget then colors are applied in circular manner.",
"items": {
"type": "string"
},
"title": "A colors for the graph",
"type": "array"
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"legend": {
"$ref": "Legend,
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"line_chart_plot_configs": {
"description": "List of line chart plotting configuration. This plotting configuration will be applicable for the LINE_GRAPH only.",
"items": {
"$ref": "LineChartPlotConfiguration
},
"required": false,
"title": "List of line chart plotting configuration",
"type": "array"
},
"navigation": {
"description": "Hyperlink of the specified UI page that provides details.",
"title": "Navigation to a specified UI page",
"type": "string"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"sub_type": {
"default": "BAR_GRAPH",
"description": "Describes the the type of graph. LINE_GRAPH shows a line graph chart BAR_GRAPH shows a simple bar graph chart STACKED_BAR_GRAPH shows a stacked bar graph chart",
"enum": [
"LINE_GRAPH",
"BAR_GRAPH",
"STACKED_BAR_GRAPH"
],
"title": "Subtype of a graph",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
},
"x_value_type": {
"default": "string",
"description": "x value type.",
"enum": [
"string",
"number",
"date",
"millisecond",
"second"
],
"required": false,
"title": "x value type",
"type": "string"
},
"y_value_type": {
"description": "y value type.",
"enum": [
"integer",
"double"
],
"required": false,
"title": "y value type",
"type": "string"
}
},
"title": "Graph Configuration",
"type": "object"
}
GraphDefinition (type)
{
"additionalProperties": false,
"description": "Defines a graph",
"id": "GraphDefinition",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"id": {
"description": "Identifier of graph. It can be used to differentiate multiple graph series present in GraphWidgetConfiguration.",
"title": "Identifier of graph",
"type": "string"
},
"label": {
"$ref": "Label,
"description": "Describes the graph. It labels the entities of graph. If the label is not provided then it is not shown for a graph. For example, for a single graph, the title of widget can describe the graph and a label may not be necessary to be shown.",
"title": "Label of a graph"
},
"point_definition": {
"$ref": "PointDefinition,
"description": "Defines the points of a graph.",
"required": true,
"title": "Definition for points of a graph"
},
"render_configuration": {
"description": "Additional rendering or conditional evaluation of the field values to be performed, if any.",
"items": {
"$ref": "RenderConfiguration
},
"minItems": 0,
"title": "Render Configuration",
"type": "array"
},
"row_list_field": {
"description": "An expression that represents the series of the graph",
"required": false,
"title": "Expression for series of the graph",
"type": "string"
}
},
"title": "Definition of a graph",
"type": "object"
}
GridConfiguration (type)
{
"additionalProperties": false,
"description": "Represents configuration of a Grid or Table widget.",
"extends": {
"$ref": "WidgetConfiguration
},
"id": "GridConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "GridConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"columns": {
"description": "Array of columns of a Grid widget",
"items": {
"$ref": "ColumnItem
},
"required": true,
"title": "Columns",
"type": "array"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"feature_set": {
"$ref": "FeatureSet,
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"legend": {
"$ref": "Legend,
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"page_size": {
"default": 30,
"description": "Number of records per page. page_size will be effective only when the urls provided in the datasource support paging.",
"title": "Page Size",
"type": "int"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"row_list_fields": {
"description": "Rows of grid or table are formed from the list of objects returned by a row list field.",
"items": {
"$ref": "RowListField
},
"minItems": 1,
"required": true,
"title": "List of fields from which rows are formed",
"type": "array"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
}
},
"title": "Grid Configuration",
"type": "object"
}
Group (type)
{
"additionalProperties": false,
"description": "Group.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Group",
"module_id": "Policy",
"policy_hierarchical_children": [
"ChildDnsSecurityProfileBindingMap",
"ChildGroupDiscoveryProfileBindingMap",
"ChildGroupMonitoringProfileBindingMap",
"ChildPolicyFirewallFloodProtectionProfileBindingMap",
"ChildPolicyFirewallSessionTimerProfileBindingMap"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"expression": {
"description": "The expression list must follow below criteria: 1. A non-empty expression list, must be of odd size. In a list, with indices starting from 0, all non-conjunction expressions must be at even indices, separated by a conjunction expression at odd indices. 2. The total of ConditionExpression and NestedExpression in a list should not exceed 5. 3. The total of IPAddressExpression, MACAddressExpression, external IDs in an ExternalIDExpression and paths in a PathExpression must not exceed 500. 4. Each expression must be a valid Expression. See the definition of the Expression type for more information.",
"items": {
"$ref": "Expression
},
"required": false,
"title": "Expression",
"type": "array"
},
"extended_expression": {
"description": "Extended Expression allows additional higher level context to be specified for grouping criteria. (e.g. user AD group) This field allow users to specified user context as the source of a firewall rule for IDFW feature. Current version only support a single IdentityGroupExpression. In the future, this might expand to support other conjunction and non-conjunction expression. The extended expression list must follow below criteria: 1. Contains a single IdentityGroupExpression. No conjunction expression is supported. 2. No other non-conjunction expression is supported, except for IdentityGroupExpression. 3. Each expression must be a valid Expression. See the definition of the Expression type for more information. 4. Extended expression are implicitly AND with expression. 5. No nesting can be supported if this value is used. 6. If a Group is using extended expression, this group must be the only member in the source field of an communication map.",
"items": {
"$ref": "Expression
},
"maxItems": 1,
"required": false,
"title": "Extended Expression",
"type": "array"
},
"group_type": {
"description": "Group type can be specified during create and update of a group. Empty group type indicates a 'generic' group, ie group can include any entity from the valid GroupMemberType.",
"items": {
"$ref": "GroupTypes
},
"maxItems": 1,
"required": false,
"title": "Indicates the group type.",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"reference": {
"default": false,
"description": "If true, indicates that this is a remote reference group. Such group will have span different from the its parent domain. Default value is false.",
"readonly": true,
"title": "Indicates if the group is a reference.",
"type": "boolean"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"state": {
"enum": [
"IN_PROGRESS",
"SUCCESS",
"FAILURE"
],
"required": false,
"title": "Realization state of this group",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Group",
"type": "object"
}
GroupDeleteRequestParameters (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"extends": {
"$ref": "DeleteRequestParameters
},
"id": "GroupDeleteRequestParameters",
"module_id": "Policy",
"properties": {
"fail_if_subtree_exists": {
"default": false,
"description": "Check if the group sub-tree has any entities. These primarily include the binding maps that point to various profiles. If this flag is passed as true, the group delete fails if any binding maps exist in the group sub-tree. By default, this flag is false, which means that the group is deleted along with the group sub-tree.",
"title": "Do not delete if the group subtree has any entities",
"type": "boolean"
},
"force": {
"default": false,
"description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.",
"title": "Force delete the resource even if it is being used somewhere\n",
"type": "boolean"
}
},
"title": "Group delete request parameters",
"type": "object"
}
GroupDiscoveryProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between discovery profile and Group. With this entity, user can specify intent for applying discovery profile profile to particular Group.",
"extends": {
"$ref": "ProfileBindingMap
},
"id": "GroupDiscoveryProfileBindingMap",
"module_id": "PolicyDiscoveryProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profile_path": {
"description": "PolicyPath of associated Profile",
"required": true,
"title": "Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GroupDiscoveryProfileBindingMap"
],
"relationshipType": "GROUP_BINDINGMAP_IPDISCOVERY_PROFILE_RELATIONSHIP",
"rightType": [
"IPDiscoveryProfile"
]
},
{
"leftType": [
"PolicyFirewallFloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"FloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"PolicyFirewallCPUMemThresholdsProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FirewallCPUMemoryThresholdsProfile"
]
},
{
"leftType": [
"SessionTimerProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyFirewallSessionTimerProfile"
]
},
{
"leftType": [
"DnsSecurityProfileBindingMap"
],
"relationshipType": "DNS_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"DnsSecurityProfile"
]
},
{
"leftType": [
"GeneralSecurityProfileBindingMap"
],
"relationshipType": "GATEWAY_GENERAL_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"GeneralSecurityProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sequence_number": {
"description": "Sequence number used to resolve conflicts betweeen two profiles applied on the same group. Lower sequence number takes higher precedence. Two binding maps applied to the same profile must have the same sequence number. User defined sequence numbers range from 1 through 100,000. System defined sequence numbers range from 100,001 through 200,000.",
"maximum": 100000,
"minimum": 1,
"requried": true,
"title": "Sequence number group discovery profile Binding Map",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Map for binding group with discovery profile",
"type": "object"
}
GroupDiscoveryProfileBindingMapListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "GroupDiscoveryProfileBindingMapListRequestParameters",
"module_id": "PolicyDiscoveryProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Group Discovery Profile Binding Map List Request Parameters",
"type": "object"
}
GroupDiscoveryProfileBindingMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "GroupDiscoveryProfileBindingMapListResult",
"module_id": "PolicyDiscoveryProfileBinding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "GroupDiscoveryProfileBindingMap
},
"requried": true,
"title": "Group Discovery Profile Binding Map List Results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Group Discovery Profile Binding Map",
"type": "object"
}
GroupListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "GroupListRequestParameters",
"module_id": "Policy",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"member_types": {
"description": "Optionally, specify valid member types as request parameter to filter NSGroups.",
"required": false,
"title": "Comma Seperated Member types",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Group list request parameters",
"type": "object"
}
GroupListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "GroupListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Group
},
"required": true,
"title": "Group list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Groups",
"type": "object"
}
GroupMemberActionParameters (type)
{
"additionalProperties": false,
"description": "Request Parameter to either add or remove the Group members.",
"id": "GroupMemberActionParameters",
"module_id": "Policy",
"properties": {
"action": {
"description": "Action parameter determines whether to add or remove the group members.",
"enum": [
"add",
"remove"
],
"required": true,
"title": "Add or Remove group members.",
"type": "string"
}
},
"title": "Request Parameters for Group members",
"type": "object"
}
GroupMemberList (type)
{
"additionalProperties": false,
"description": "List of same type members to either add or remove from a group.",
"id": "GroupMemberList",
"module_id": "Policy",
"properties": {
"members": {
"description": "This array contains group members of similar types.",
"items": {
"type": "string"
},
"maxItems": 4000,
"minItems": 1,
"required": true,
"title": "Groups members collection",
"type": "array"
}
},
"title": "Members to add or remove for a Group.",
"type": "object"
}
GroupMemberTagsList (type)
{
"additionalProperties": false,
"description": "Collection of tags used in a policy group for a particular member type",
"id": "GroupMemberTagsList",
"module_id": "PolicyGroupRealization",
"properties": {
"member_type": {
"required": true,
"title": "Member type for which we will list the tags",
"type": "string"
},
"tags": {
"items": {
"type": "string"
},
"required": true,
"title": "List of tags for the member type",
"type": "array"
}
},
"title": "Group tags list for a particular member type",
"type": "object"
}
GroupMemberType (type)
{
"enum": [
"VirtualMachine",
"VirtualNetworkInterface",
"SegmentPort",
"Segment",
"CloudNativeServiceInstance",
"IPAddress",
"MACAddress",
"IPSet",
"IdentityGroup",
"PhysicalServer",
"Pod",
"Service",
"Namespace",
"Cluster",
"TransportNode",
"Group",
"DVPG",
"DVPort"
],
"id": "GroupMemberType",
"module_id": "Policy",
"title": "Valid Group member type",
"type": "string"
}
GroupMemberTypeListResult (type)
{
"additionalProperties": false,
"id": "GroupMemberTypeListResult",
"module_id": "Policy",
"properties": {
"result_count": {
"readonly": true,
"required": true,
"title": "Count of the member types in the results array",
"type": "integer"
},
"results": {
"items": {
"$ref": "GroupMemberType
},
"required": true,
"title": "Collection of member types for the given Group",
"type": "array"
}
},
"type": "object"
}
GroupMonitoringProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between monitoring profile and Group. Using this entity, you can specify intent for applying monitoring profile to particular Group. Group with membership criteria vm only supported as source group. Port mirroring is only supported on group with five vms.",
"extends": {
"$ref": "MonitoringProfileBindingMap
},
"id": "GroupMonitoringProfileBindingMap",
"module_id": "PolicyMonitoringProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ipfix_dfw_profile_path": {
"description": "PolicyPath of associated IPFIX DFW Profile",
"required": false,
"title": "IPFIX DFW Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GroupMonitoringProfileBindingMap"
],
"relationshipType": "IPFIX_DFW_PROFILE_GROUP_BINDING_MAP_RELATIONSHIP",
"rightType": [
"IPFIXDFWProfile"
]
}
]
},
"ipfix_l2_profile_path": {
"description": "PolicyPath of associated IPFIX L2 Profile",
"required": false,
"title": "IPFIX L2 Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GroupMonitoringProfileBindingMap"
],
"relationshipType": "IPFIX_L2_PROFILE_GROUP_BINDING_MAP_RELATIONSHIP",
"rightType": [
"IPFIXL2Profile"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"port_mirroring_profile_path": {
"description": "PolicyPath of associated Port Mirroring Profile",
"required": false,
"title": "Port Mirroring Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GroupMonitoringProfileBindingMap"
],
"relationshipType": "PORT_MIRRORING_PROFILE_GROUP_BINDING_MAP_RELATIONSHIP",
"rightType": [
"PortMirroringProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Group Monitoring Profile binding map",
"type": "object"
}
GroupMonitoringProfileBindingMapListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "GroupMonitoringProfileBindingMapListRequestParameters",
"module_id": "PolicyMonitoringProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Group Monitoring Profile Binding Map list request parameters",
"type": "object"
}
GroupMonitoringProfileBindingMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "GroupMonitoringProfileBindingMapListResult",
"module_id": "PolicyMonitoringProfileBinding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "GroupMonitoringProfileBindingMap
},
"required": true,
"title": "Group Monitoring Profile Binding Map list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Group Monitoring Profile Binding Maps",
"type": "object"
}
GroupStatusListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "GroupStatusListRequestParameters",
"module_id": "Upgrade",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"has_errors": {
"default": false,
"readonly": false,
"required": false,
"title": "Flag to indicate whether to return only upgrade units with errors",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
GroupTagsList (type)
{
"additionalProperties": false,
"description": "Collection of tags used in a policy group listed per member type",
"id": "GroupTagsList",
"module_id": "PolicyGroupRealization",
"properties": {
"results": {
"items": {
"$ref": "GroupMemberTagsList
},
"required": true,
"title": "Collection of tags used in a policy group listed per member type",
"type": "array"
}
},
"title": "Group tags list listed per member type",
"type": "object"
}
GroupTypes (type)
{
"description": "ANTREA group type includes IPAddress, Pod, NameSpace and Service group member types.",
"enum": [
"IPAddress",
"ANTREA"
],
"id": "GroupTypes",
"module_id": "Policy",
"title": "Valid Group Types.",
"type": "string"
}
GuestInfo (type)
{
"additionalProperties": false,
"description": "Guest virtual machine details include OS name and computer name of guest VM.",
"id": "GuestInfo",
"module_id": "Inventory",
"properties": {
"computer_name": {
"description": "Computer name of guest virtual machine, which is set inside guest OS. Currently this is supported for guests on ESXi that have VMware Tools installed.",
"readonly": true,
"required": false,
"title": "Computer name",
"type": "string"
},
"os_name": {
"description": "OS name of guest virtual machine. Currently this is supported for guests on ESXi that have VMware Tools installed.",
"readonly": true,
"required": false,
"title": "OS name",
"type": "string"
}
},
"title": "Guest virtual machine details",
"type": "object"
}
Header (type)
{
"additionalProperties": false,
"description": "Header of a widget that provides additional information. This will be shown at the container level. It includes details as label value pairs.",
"id": "Header",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"condition": {
"description": "If the condition is met then the header will be applied. Examples of expression syntax are provided under 'example_request' section of 'CreateWidgetConfiguration' API.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"content_alignment": {
"default": "RIGHT",
"description": "Alignment of header labels.",
"enum": [
"LEFT",
"RIGHT"
],
"title": "alignment for labelvalue pair",
"type": "string"
},
"sub_header_widgets": {
"description": "An array of widgets which will appear inside the container header Instead of 'sub_headers' property use this property.",
"items": {
"$ref": "WidgetItem
},
"minItems": 0,
"title": "An array of widgets inside the container header",
"type": "array"
},
"sub_headers": {
"deprecated": true,
"description": "An array of label-value properties. This field is deprecated instead used 'sub_header_widgets' property to define header widgets.",
"items": {
"$ref": "PropertyItem
},
"minItems": 0,
"title": "Rows",
"type": "array"
}
},
"title": "Widget Header",
"type": "object"
}
HostUpgradeStatus (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ComponentUpgradeStatus
},
"id": "HostUpgradeStatus",
"module_id": "Upgrade",
"properties": {
"can_rollback": {
"description": "This field indicates whether we can perform upgrade rollback.",
"readonly": true,
"required": false,
"title": "Can perform rollback",
"type": "boolean"
},
"can_skip": {
"readonly": true,
"required": false,
"title": "Can the upgrade of the remaining units in this component be skipped",
"type": "boolean"
},
"component_type": {
"readonly": true,
"required": false,
"title": "Component type for the upgrade status",
"type": "string"
},
"current_version_node_summary": {
"$ref": "NodeSummaryList,
"readonly": true,
"required": false,
"title": "Mapping of current versions of nodes and counts of nodes at the respective versions."
},
"details": {
"readonly": true,
"required": false,
"title": "Details about the upgrade status",
"type": "string"
},
"node_count_at_target_version": {
"description": "Number of nodes of the type and at the component version",
"readonly": true,
"required": false,
"title": "Count of nodes at target component version",
"type": "int"
},
"percent_complete": {
"readonly": true,
"required": true,
"title": "Indicator of upgrade progress in percentage",
"type": "number"
},
"pre_upgrade_status": {
"$ref": "UpgradeChecksExecutionStatus,
"readonly": true,
"required": false,
"title": "Pre-upgrade status of the component-type"
},
"status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSING",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Upgrade status of component",
"type": "string"
},
"target_component_version": {
"readonly": true,
"required": false,
"title": "Target component version",
"type": "string"
}
},
"title": "Status of host upgrade",
"type": "object"
}
HostnameOrIPv4Address (type)
{
"format": "hostname-or-ipv4",
"id": "HostnameOrIPv4Address",
"module_id": "Common",
"title": "Hostname or IPv4 address",
"type": "string"
}
HostnameOrIPv4AddressOrEmptyString (type)
{
"id": "HostnameOrIPv4AddressOrEmptyString",
"maxLength": 255,
"module_id": "Common",
"pattern": "^(?=.{1,255}$)[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?(?:\\.[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?)*\\.?$|^$",
"title": "Hostname or IPv4 address",
"type": "string"
}
HttpProtocol (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Protocol
},
"id": "HttpProtocol",
"polymorphic-type-descriptor": {
"type-identifier": "http"
},
"properties": {
"authentication_scheme": {
"$ref": "BasicAuthenticationScheme,
"title": "Scheme to authenticate if required"
},
"name": {
"enum": [
"http",
"https",
"scp",
"sftp"
],
"required": true,
"title": "Protocol name",
"type": "string"
}
},
"type": "object"
}
HttpRequestMethodType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"enum": [
"GET",
"OPTIONS",
"POST",
"HEAD",
"PUT"
],
"id": "HttpRequestMethodType",
"module_id": "LoadBalancer",
"title": "http monitor method",
"type": "string"
}
HttpRequestVersionType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"enum": [
"HTTP_VERSION_1_0",
"HTTP_VERSION_1_1"
],
"id": "HttpRequestVersionType",
"module_id": "LoadBalancer",
"title": "http request version",
"type": "string"
}
HttpServiceProperties (type)
{
"additionalProperties": false,
"id": "HttpServiceProperties",
"properties": {
"basic_authentication_enabled": {
"default": true,
"description": "Identifies whether basic authentication is enabled or disabled in API calls.",
"title": "Enable or disable basic authentication",
"type": "boolean"
},
"certificate": {
"$ref": "Certificate,
"readonly": true,
"required": true
},
"cipher_suites": {
"items": {
"$ref": "CipherSuite
},
"minItems": 1,
"title": "Cipher suites used to secure contents of connection",
"type": "array"
},
"client_api_concurrency_limit": {
"default": 40,
"description": "The maximum number of concurrent API requests that will be serviced for a given authenticated client. If the number of API requests being processed exceeds this limit, new API requests will be refused and a 503 Service Unavailable response will be returned to the client. To disable API concurrency limiting, set this value to 0.",
"minimum": 0,
"title": "Client API rate limit in calls",
"type": "integer"
},
"client_api_rate_limit": {
"default": 100,
"description": "The maximum number of API requests that will be serviced per second for a given authenticated client. If more API requests are received than can be serviced, a 429 Too Many Requests HTTP response will be returned. To disable API rate limiting, set this value to 0.",
"minimum": 0,
"title": "Client API rate limit in calls per second",
"type": "integer"
},
"connection_timeout": {
"maximum": 2147483647,
"minimum": 0,
"title": "NSX connection timeout, set to 0 to configure no timeout",
"type": "integer"
},
"cookie_based_authentication_enabled": {
"default": true,
"description": "Identifies whether cookie-based authentication is enabled or disabled in API calls. When cookie-based authentication is disabled, new sessions cannot be created via /api/session/create.",
"title": "Enable or disable cookie-based authentication",
"type": "boolean"
},
"global_api_concurrency_limit": {
"default": 100,
"description": "The maximum number of concurrent API requests that will be serviced. If the number of API requests being processed exceeds this limit, new API requests will be refused and a 503 Service Unavailable response will be returned to the client. To disable API concurrency limiting, set this value to 0.",
"minimum": 0,
"title": "Global API rate limit in calls",
"type": "integer"
},
"logging_level": {
"default": "INFO",
"enum": [
"OFF",
"FATAL",
"ERROR",
"WARN",
"INFO",
"DEBUG",
"TRACE"
],
"required": false,
"title": "Service logging level",
"type": "string"
},
"protocol_versions": {
"items": {
"$ref": "ProtocolVersion
},
"minItems": 1,
"title": "TLS protocol versions",
"type": "array"
},
"redirect_host": {
"$ref": "HostnameOrIPv4AddressOrEmptyString,
"default": "",
"title": "Host name or IP address to use for redirect location headers, or empty string to derive from current request"
},
"session_timeout": {
"maximum": 2147483647,
"minimum": 0,
"title": "NSX session inactivity timeout, set to 0 to configure no timeout",
"type": "integer"
}
},
"title": "HTTP Service properties",
"type": "object"
}
HttpsProtocol (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Protocol
},
"id": "HttpsProtocol",
"polymorphic-type-descriptor": {
"type-identifier": "https"
},
"properties": {
"authentication_scheme": {
"$ref": "BasicAuthenticationScheme,
"title": "Scheme to authenticate if required"
},
"name": {
"enum": [
"http",
"https",
"scp",
"sftp"
],
"required": true,
"title": "Protocol name",
"type": "string"
},
"sha256_thumbprint": {
"required": true,
"title": "SSL thumbprint of server",
"type": "string"
}
},
"type": "object"
}
ICMPTypeServiceEntry (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ServiceEntry
},
"id": "ICMPTypeServiceEntry",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "ICMPTypeServiceEntry"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"icmp_code": {
"maximum": 255,
"minimum": 0,
"required": false,
"title": "ICMP message code",
"type": "integer"
},
"icmp_type": {
"maximum": 255,
"minimum": 0,
"required": false,
"title": "ICMP message type",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"protocol": {
"enum": [
"ICMPv4",
"ICMPv6"
],
"required": true,
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"enum": [
"IPProtocolServiceEntry",
"IGMPTypeServiceEntry",
"ICMPTypeServiceEntry",
"ALGTypeServiceEntry",
"L4PortSetServiceEntry",
"EtherTypeServiceEntry",
"NestedServiceServiceEntry"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "A ServiceEntry that represents IPv4 or IPv6 ICMP protocol",
"type": "object"
}
IGMPTypeServiceEntry (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ServiceEntry
},
"id": "IGMPTypeServiceEntry",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "IGMPTypeServiceEntry"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"enum": [
"IPProtocolServiceEntry",
"IGMPTypeServiceEntry",
"ICMPTypeServiceEntry",
"ALGTypeServiceEntry",
"L4PortSetServiceEntry",
"EtherTypeServiceEntry",
"NestedServiceServiceEntry"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "A ServiceEntry that represents IGMP protocol",
"type": "object"
}
IPAddress (type)
{
"format": "ip",
"id": "IPAddress",
"module_id": "Common",
"title": "IPv4 or IPv6 address",
"type": "string"
}
IPAddressExpression (type)
{
"additionalProperties": false,
"description": "Represents IP address expressions in the form of an array, to support addition of IP addresses in a group. Avoid creating groups with multiple IPAddressExpression. In future releases, group will be restricted to contain a single IPAddressExpression. To group IPAddresses, use nested groups instead of multiple IPAddressExpressions.",
"extends": {
"$ref": "Expression
},
"id": "IPAddressExpression",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "IPAddressExpression"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_addresses": {
"description": "This array can consist of a single IP address, IP address range or a subnet. Its type can be of either IPv4 or IPv6. Both IPv4 and IPv6 addresses within one expression is not allowed. Supported list of formats are, \"192.168.1.1\", \"192.168.1.1-192.168.1.100\", \"192.168.0.0/24\", \"fe80::250:56ff:fe83:318c\", \"fe80::250:56ff:fe83:3181-fe80::250:56ff:fe83:318c\", \"fe80::250:56ff:fe83:318c/64\".",
"items": {
"$ref": "IPElement
},
"maxItems": 4000,
"minItems": 1,
"required": true,
"title": "Array of IP addresses",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"enum": [
"Condition",
"ConjunctionOperator",
"NestedExpression",
"IPAddressExpression",
"MACAddressExpression",
"ExternalIDExpression",
"PathExpression",
"IdentityGroupExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IP address expression node",
"type": "object"
}
IPAddressGroupAssociationRequestParams (type)
{
"description": "List request parameters containing ip address and enforcement point path",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "IPAddressGroupAssociationRequestParams",
"module_id": "PolicyGroupRealization",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point from which the list of groups needs to be fetched. Forward slashes must be escaped using %2F. If no enforcement point path is specified, the default enforcement point is considered",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"ip_address": {
"required": true,
"title": "IPAddress",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List request parameters containing ip address and enforcement point path",
"type": "object"
}
IPAddressList (type)
{
"additionalProperties": false,
"description": "Collection of IP Addresses.",
"id": "IPAddressList",
"module_id": "Policy",
"properties": {
"ip_addresses": {
"description": "The array contains IP addresses.",
"items": {
"$ref": "IPElement
},
"maxItems": 4000,
"minItems": 1,
"required": true,
"title": "Array of IP addresses",
"type": "array"
}
},
"title": "IP Address collection.",
"type": "object"
}
IPAddressOrCIDRBlock (type)
{
"format": "address-or-cidr-block",
"id": "IPAddressOrCIDRBlock",
"module_id": "Common",
"title": "IPAddress or CIDR Block",
"type": "string"
}
IPAddresses (type)
{
"id": "IPAddresses",
"module_id": "PortMirroring",
"properties": {
"ip_addresses": {
"description": "The IP addresses in the form of IP Address, IP Range, CIDR, used as source IPs or destination IPs of filters.",
"items": {
"$ref": "IPElement
},
"minItems": 1,
"required": false,
"title": "IPs of the filter",
"type": "array"
}
},
"type": "object"
}
IPCIDRBlock (type)
{
"format": "ip-cidr-block",
"id": "IPCIDRBlock",
"module_id": "Common",
"title": "IPv4 or IPv6 CIDR Block",
"type": "string"
}
IPDiscoveryProfile (type)
{
"additionalProperties": false,
"description": "Using this profile to configure different options of IP Discovery",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IPDiscoveryProfile",
"module_id": "PolicyIpDiscovery",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"arp_nd_binding_timeout": {
"default": 10,
"description": "This property controls the ARP and ND cache timeout period. It is recommended that this property be greater than the ARP/ND cache timeout on the VM.",
"maximum": 120,
"minimum": 5,
"required": false,
"title": "ARP and ND cache timeout (in minutes)",
"type": "int"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"duplicate_ip_detection": {
"$ref": "DuplicateIPDetectionOptions,
"description": "Duplicate IP detection is used to determine if there is any IP conflict with any other port on the same logical switch. If a conflict is detected, then the IP is marked as a duplicate on the port where the IP was discovered last. The duplicate IP will not be added to the realized address binings for the port and hence will not be used in DFW rules or other security configurations for the port.rt.",
"readonly": false,
"required": false,
"title": "Duplicate IP Dection Options"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_v4_discovery_options": {
"$ref": "IPv4DiscoveryOptions,
"description": "Indicates IPv4 Discovery options",
"required": false,
"title": "IPv4 Discovery options"
},
"ip_v6_discovery_options": {
"$ref": "IPv6DiscoveryOptions,
"description": "Indicates IPv6 Discovery options",
"required": false,
"title": "IPv6 Discovery options"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tofu_enabled": {
"default": true,
"description": "Indicates whether \"Trust on First Use(TOFU)\" paradigm is enabled.",
"required": false,
"title": "Is TOFU enabled or not",
"type": "boolean"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"search_dsl_name": [
"ip discovery segment profile"
],
"title": "IP Discovery Profile",
"type": "object"
}
IPDiscoveryProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "IPDiscoveryProfileListRequestParameters",
"module_id": "PolicyIpDiscovery",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IP Discovery Profile request parameters",
"type": "object"
}
IPDiscoveryProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "IPDiscoveryProfileListResult",
"module_id": "PolicyIpDiscovery",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPDiscoveryProfile
},
"required": true,
"title": "IP Discovery profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of IP Discovery Profiles",
"type": "object"
}
IPElement (type)
{
"description": "IPElement can be a single IP address, IP address range or a Subnet. Its type can be of IPv4 or IPv6. Supported list of formats are \"192.168.1.1\", \"192.168.1.1-192.168.1.100\", \"192.168.0.0/24\", \"fe80::250:56ff:fe83:318c\", \"fe80::250:56ff:fe83:3181-fe80::250:56ff:fe83:318c\", \"fe80::250:56ff:fe83:318c/64\"",
"format": "address-or-block-or-range",
"id": "IPElement",
"module_id": "Common",
"title": "IP address, range, or subnet",
"type": "string"
}
IPElementList (type)
{
"description": "IPElement can be a single IP address, IP address range or a Subnet. Its type can be of IPv4 or IPv6. Supported list of formats are \"192.168.1.1\", \"192.168.1.1-192.168.1.100\", \"192.168.0.0/24\", \"fe80::250:56ff:fe83:318c\", \"fe80::250:56ff:fe83:3181-fe80::250:56ff:fe83:318c\", \"fe80::250:56ff:fe83:318c/64\"",
"format": "list-of-address-or-block-or-range",
"id": "IPElementList",
"module_id": "Common",
"title": "List of IP address, range, or subnet",
"type": "string"
}
IPFIXDFWCollector (type)
{
"additionalProperties": false,
"description": "IPFIX DFW data will be collected on collector Host IP and Port address should be provided for collector.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IPFIXDFWCollector",
"module_id": "PolicyIPFIXDFW",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"collector_ip_address": {
"$ref": "IPAddress,
"description": "IP address for the IPFIX DFW collector. IP addresses such as 0.0.0.0, 127.0.0.1, 255.255.255.255 are invalid.",
"required": true,
"title": "IP address"
},
"collector_port": {
"description": "Port for the IPFIX DFW collector.",
"maximum": 65535,
"minimum": 0,
"required": true,
"title": "Port",
"type": "int"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IPFIX DFW Collector",
"type": "object"
}
IPFIXDFWCollectorProfile (type)
{
"additionalProperties": false,
"description": "IPFIX data for the NSX distributed firewall will be sent to the specified IPFIX collectors.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IPFIXDFWCollectorProfile",
"module_id": "PolicyIPFIXDFW",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ipfix_dfw_collectors": {
"description": "It accepts Multiple Collectors.",
"items": {
"$ref": "IPFIXDFWCollector
},
"minItems": 1,
"required": true,
"title": "IPFIX DFW Collectors.",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IPFIX DFW Collector Profile",
"type": "object"
}
IPFIXDFWCollectorProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "IPFIXDFWCollectorProfileListRequestParameters",
"module_id": "PolicyIPFIXDFW",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IPFIX DFW Collector Profile request parameters",
"type": "object"
}
IPFIXDFWCollectorProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "IPFIXDFWCollectorProfileListResult",
"module_id": "PolicyIPFIXDFW",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPFIXDFWCollectorProfile
},
"required": true,
"title": "IPFIX DFW Collection Instances list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of IPFIX DFW Collector Profile",
"type": "object"
}
IPFIXDFWProfile (type)
{
"additionalProperties": false,
"description": "IPFIX packets from source will be sent to IPFIX DFW collector.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IPFIXDFWProfile",
"module_id": "PolicyIPFIXDFW",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"active_flow_export_timeout": {
"default": 1,
"description": "For long standing active flows, IPFIX records will be sent per timeout period in minutes.",
"maximum": 60,
"minimum": 1,
"required": true,
"title": "Active timeout (Minutes)",
"type": "int"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ipfix_dfw_collector_profile_path": {
"description": "Policy path for IPFIX collector profiles. IPFIX data from these logical segments will be sent to all specified IPFIX collectors.",
"required": true,
"title": "IPFIX collector Paths",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"IPFIXDFWProfile"
],
"relationshipType": "IPFIX_DFW_COLLECTION_COLLECTOR_PROFILE_RELATIONSHIP",
"rightType": [
"IPFIXDFWCollectorProfile"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"observation_domain_id": {
"default": 0,
"description": "An identifier that is unique to the exporting process and used to meter the flows.",
"maximum": 65536,
"minimum": 0,
"required": false,
"title": "Observation domain ID",
"type": "int"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"priority": {
"default": 0,
"description": "This priority field is used to resolve conflicts in Segment Ports which are covered by more than one IPFIX profiles. The IPFIX exporter will send records to Collectors in highest priority profile (lowest number) only.",
"maximum": 32000,
"minimum": 0,
"required": false,
"title": "Config Priority",
"type": "int"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IPFIX DFW Profile",
"type": "object"
}
IPFIXDFWProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "IPFIXDFWProfileListRequestParameters",
"module_id": "PolicyIPFIXDFW",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IPFIX DFW Profile request parameters",
"type": "object"
}
IPFIXDFWProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "IPFIXDFWProfileListResult",
"module_id": "PolicyIPFIXDFW",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPFIXDFWProfile
},
"required": true,
"title": "IPFIX DFW Profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of IPFIX DFW Profile",
"type": "object"
}
IPFIXL2Collector (type)
{
"additionalProperties": false,
"description": "IPFIX packets will be collected on collector. IP and port address should be provided for collector.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IPFIXL2Collector",
"module_id": "PolicyIPFIXSwitch",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"collector_ip_address": {
"$ref": "IPAddress,
"description": "IP address for the IPFIX L2 collector. IP addresses such as 0.0.0.0, 127.0.0.1, 255.255.255.255 are invalid.",
"required": true,
"title": "IP address"
},
"collector_port": {
"default": 4739,
"description": "Port number for the IPFIX L2 collector.",
"maximum": 65535,
"minimum": 0,
"title": "Port",
"type": "int"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IPFIX L2 Collector",
"type": "object"
}
IPFIXL2CollectorProfile (type)
{
"additionalProperties": false,
"description": "IPFIX L2 data will be collected on collectors.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IPFIXL2CollectorProfile",
"module_id": "PolicyIPFIXSwitch",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ipfix_l2_collectors": {
"description": "It accepts Multiple Collector objects.",
"items": {
"$ref": "IPFIXL2Collector
},
"maxItems": 4,
"minItems": 1,
"required": true,
"title": "It accepts Multiple Collector objects.",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IPFIX L2 Collector Profile",
"type": "object"
}
IPFIXL2CollectorProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "IPFIXL2CollectorProfileListRequestParameters",
"module_id": "PolicyIPFIXSwitch",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IPFIX collector profile request parameters",
"type": "object"
}
IPFIXL2CollectorProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "IPFIXL2CollectorProfileListResult",
"module_id": "PolicyIPFIXSwitch",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPFIXL2CollectorProfile
},
"required": true,
"title": "IPFIX collector Profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged list of IPFIX collector profiles.",
"type": "object"
}
IPFIXL2Profile (type)
{
"additionalProperties": false,
"description": "IPFIX data from source logical segment, port, group will be forwarded to IPFIX collector.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IPFIXL2Profile",
"module_id": "PolicyIPFIXSwitch",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"active_timeout": {
"default": 300,
"description": "The time in seconds after a flow is expired even if more packets matching this flow are received by the cache.",
"maximum": 3600,
"minimum": 60,
"title": "Active timeout",
"type": "int"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"export_overlay_flow": {
"default": true,
"description": "This property controls whether overlay flow info is included in the sample result.",
"required": false,
"title": "Export overlay Flow",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"idle_timeout": {
"default": 300,
"description": "The time in seconds after a flow is expired if no more packets matching this flow are received by the cache.",
"maximum": 3600,
"minimum": 60,
"required": false,
"title": "Idle timeout",
"type": "int"
},
"ipfix_collector_profile_path": {
"description": "Policy path for IPFIX collector profile. User can specify only one IPFIX collector.",
"required": true,
"title": "IPFIX collector Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"IPFIXL2Profile"
],
"relationshipType": "IPFIX_L2_PROFILE_COLLECTOR_PROFILE_RELATIONSHIP",
"rightType": [
"IPFIXL2CollectorProfile"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"max_flows": {
"default": 16384,
"description": "The maximum number of flow entries in each exporter flow cache.",
"maximum": 4294967295,
"minimum": 0,
"required": false,
"title": "Max flows",
"type": "integer"
},
"observation_domain_id": {
"default": 0,
"description": "An identifier that is unique to the exporting process and used to meter the flows.",
"maximum": 4294967295,
"minimum": 0,
"required": false,
"title": "Observation domain ID",
"type": "integer"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"packet_sample_probability": {
"default": 0.1,
"description": "The probability in percentage that a packet is sampled, in range 0-100. The probability is equal for every packet.",
"exclusiveMinimum": true,
"maximum": 100,
"minimum": 0,
"required": true,
"title": "Packet sample probability",
"type": "number"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"priority": {
"default": 0,
"description": "This priority field is used to resolve conflicts in Segment Ports which are covered by more than one IPFIX profiles. The IPFIX exporter will send records to Collectors in highest priority profile (lowest number) only.",
"maximum": 32000,
"minimum": 0,
"required": false,
"title": "Config Priority",
"type": "int"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IPFIX L2 Profile",
"type": "object"
}
IPFIXL2ProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "IPFIXL2ProfileListRequestParameters",
"module_id": "PolicyIPFIXSwitch",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "IPFIX L2 Profile request parameters",
"type": "object"
}
IPFIXL2ProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "IPFIXL2ProfileListResult",
"module_id": "PolicyIPFIXSwitch",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPFIXL2Profile
},
"required": true,
"title": "IPFIX L2 Profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of IPFIX L2 Profile",
"type": "object"
}
IPInfo (type)
{
"id": "IPInfo",
"module_id": "ServiceInsertionCommonTypes",
"properties": {
"ip_addresses": {
"items": {
"$ref": "IPv4Address
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "IPv4 Addresses",
"type": "array"
},
"prefix_length": {
"maximum": 32,
"minimum": 1,
"required": true,
"title": "Subnet Prefix Length",
"type": "integer"
}
},
"type": "object"
}
IPProtocolServiceEntry (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ServiceEntry
},
"id": "IPProtocolServiceEntry",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "IPProtocolServiceEntry"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"protocol_number": {
"maximum": 255,
"minimum": 0,
"required": true,
"type": "integer"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"enum": [
"IPProtocolServiceEntry",
"IGMPTypeServiceEntry",
"ICMPTypeServiceEntry",
"ALGTypeServiceEntry",
"L4PortSetServiceEntry",
"EtherTypeServiceEntry",
"NestedServiceServiceEntry"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "A ServiceEntry that represents an IP protocol",
"type": "object"
}
IPSecDigestAlgorithm (type)
{
"additionalProperties": false,
"description": "The IPSecDigestAlgorithms are used to verify message integrity during IPSec VPN tunnel establishment. SHA1 produces 160 bits hash and SHA2_XXX produces XXX bit hash.",
"enum": [
"SHA1",
"SHA2_256",
"SHA2_384",
"SHA2_512"
],
"id": "IPSecDigestAlgorithm",
"module_id": "PolicyVpnIPSecVpn",
"title": "Digest Algorithms used in IPSec tunnel establishment",
"type": "string"
}
IPSecEncryptionAlgorithm (type)
{
"additionalProperties": false,
"description": "IPSecEncryptionAlgorithms are used to ensure confidentiality of the messages exchanged during Tunnel negotiations. AES stands for Advanced Encryption Standards. AES_128 uses 128-bit keys whereas AES_256 uses 256-bit keys for encryption and decryption. AES_128 and AES_256 use CBC mode of encryption. AES_GCM stands for Advanced Encryption Standard(AES) in Galois/Counter Mode (GCM) and is used to provide both confidentiality and data origin authentication. NO_ENCRYPTION_AUTH_AES_GMAC_* enables authentication on input data without encyption. Digest algorithm should be empty for this option.",
"enum": [
"AES_128",
"AES_256",
"AES_GCM_128",
"AES_GCM_192",
"AES_GCM_256",
"NO_ENCRYPTION_AUTH_AES_GMAC_128",
"NO_ENCRYPTION_AUTH_AES_GMAC_192",
"NO_ENCRYPTION_AUTH_AES_GMAC_256",
"NO_ENCRYPTION"
],
"id": "IPSecEncryptionAlgorithm",
"module_id": "PolicyVpnIPSecVpn",
"title": "Encryption algorithm used in IPSec tunnel",
"type": "string"
}
IPSecVpnDpdProfile (type)
{
"additionalProperties": false,
"description": "Dead peer detection (DPD) is a method that allows detection of unreachable internet key excahnge (IKE) peers. Any changes affects all IPSec VPN sessions consuming this profile.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IPSecVpnDpdProfile",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dpd_probe_interval": {
"description": "DPD probe interval defines an interval for DPD probes (in seconds). - When the DPD probe mode is periodic, this interval is the number of seconds between DPD messages. - When the DPD probe mode is on-demand, this interval is the number of seconds during which traffic is not received from the peer before DPD retry messages are sent if there is IPSec traffic to send. For PERIODIC Mode: Minimum: 3 Maximum: 360 Default: 60 For ON_DEMAND Mode: Minimum: 1 Maximum: 10 Default: 10",
"title": "DPD Probe Interval",
"type": "integer"
},
"dpd_probe_mode": {
"default": "PERIODIC",
"description": "DPD probe mode is used to query the liveliness of the peer. Two modes are possible: - PERIODIC: is used to query the liveliness of the peer at regular intervals (dpd_probe_interval). It does not take into consideration traffic coming from the peer. The benefit of this mode over the on-demand mode is earlier detection of dead peers. However, use of periodic DPD incurs extra overhead. When communicating to large numbers of peers, please consider using on-demand DPD instead. - ON_DEMAND: is used to query the liveliness of the peer by instructing the local endpoint to send DPD message to a peer if there is traffic to send to the peer AND the peer was idle for dpd_probe_interval seconds (i.e. there was no traffic from the peer for dpd_probe_interval seconds).",
"enum": [
"PERIODIC",
"ON_DEMAND"
],
"title": "DPD Probe Mode",
"type": "string"
},
"enabled": {
"default": true,
"description": "If true, enable dead peer detection.",
"title": "Enable dead peer detection (DPD)",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"retry_count": {
"default": 10,
"description": "Maximum number of DPD messages' retry attempts. This value is applicable for both dpd probe modes, periodic and on-demand.",
"maximum": 100,
"minimum": 1,
"title": "Retry Count",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Dead peer detection (DPD) profile",
"type": "object"
}
IPSecVpnIkeProfile (type)
{
"additionalProperties": false,
"description": "IKE Profile is a reusable profile that captures IKE phase one negotiation parameters. Any changes affects all IPSec VPN sessions consuming this profile.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IPSecVpnIkeProfile",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"dh_groups": {
"description": "Diffie-Hellman group to be used if PFS is enabled. Default is GROUP14.",
"items": {
"$ref": "DhGroup
},
"title": "DH group",
"type": "array"
},
"digest_algorithms": {
"description": "Algorithm to be used for message digest during Internet Key Exchange(IKE) negotiation. A default value of SHA2_256 will be applied only when the supplied encryption algorithms contain either AES_128 or AES_256.",
"items": {
"$ref": "IkeDigestAlgorithm
},
"title": "Algorithm for message hash",
"type": "array"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"encryption_algorithms": {
"description": "Encryption algorithm is used during Internet Key Exchange(IKE) negotiation. Default is AES_128.",
"items": {
"$ref": "IkeEncryptionAlgorithm
},
"title": "Encryption algorithm for IKE",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ike_version": {
"default": "IKE_V2",
"description": "IKE protocol version to be used. IKE-Flex will initiate IKE-V2 and responds to both IKE-V1 and IKE-V2.",
"enum": [
"IKE_V1",
"IKE_V2",
"IKE_FLEX"
],
"title": "IKE version",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sa_life_time": {
"default": 86400,
"description": "Life time for security association. Default is 86400 seconds (1 day).",
"maximum": 31536000,
"minimum": 21600,
"title": "Security association (SA) life time",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Internet key exchange (IKE) profile",
"type": "object"
}
IPSecVpnLocalEndpoint (type)
{
"additionalProperties": false,
"description": "Local endpoint represents a tier-0/tier-1 on which tunnel needs to be terminated. In federation, all the configuration done for the local endpoint on GM will be realized based on the scope attribute at the corresponding LM. Local endpoint without any scope will be realized on all sites. The scope attribute is applicable only on GM not on LM.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IPSecVpnLocalEndpoint",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"certificate_path": {
"description": "Policy path referencing site certificate.",
"title": "Certificate path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"IPSecVpnLocalEndpoint"
],
"relationshipType": "IPSEC_VPN_LOCAL_ENDPOINT_TLS_CERTIFICATE_RELATIONSHIP",
"rightType": [
"TlsCertificate"
]
}
]
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"local_address": {
"$ref": "IPv4Address,
"description": "IPV4 Address of local endpoint.",
"required": true,
"title": "IPV4 Address of local endpoint"
},
"local_id": {
"description": "Local identifier.",
"title": "Local identifier",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"scope": {
"description": "Scope attribute refers to the Policy path identifying the LocaleService of specific site where all the local end point configurations will be realized. In federation, all the configuration done for the local endpoint on GM will be realized based on the scope at the corresponding LM. Local endpoint without any scope will be realized on all sites. This attribute will not be applicable on LM.",
"required": false,
"title": "scope identify the site to which LocalEndpoint configuration associated with. Applicable only in GM",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"IPSecVpnLocalEndpoint"
],
"relationshipType": "IPSEC_VPN_LOCAL_ENDPOINT_LOCALE_SERVICE_RELATIONSHIP",
"rightType": [
"LocaleServices"
]
}
]
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"trust_ca_paths": {
"description": "List of policy paths referencing certificate authority (CA) to verify peer certificates.",
"items": {
"type": "string"
},
"title": "Certificate authority (CA) paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"IPSecVpnLocalEndpoint"
],
"relationshipType": "IPSEC_VPN_LOCAL_ENDPOINT_TLS_CERTIFICATE_RELATIONSHIP",
"rightType": [
"TlsCertificate"
]
}
]
},
"trust_crl_paths": {
"description": "List of policy paths referencing certificate revocation list (CRL) to peer certificates.",
"items": {
"type": "string"
},
"title": "Certificate revocation list (CRL) paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"IPSecVpnLocalEndpoint"
],
"relationshipType": "IPSEC_VPN_LOCAL_ENDPOINT_TLS_CRL_RELATIONSHIP",
"rightType": [
"TlsCrl"
]
}
]
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IPSec VPN Local Endpoint",
"type": "object"
}
IPSecVpnRule (type)
{
"additionalProperties": false,
"description": "For policy-based IPsec VPNs, a security policy specifies as its action the VPN tunnel to be used for transit traffic that meets the policy\u2019s match criteria.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IPSecVpnRule",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"default": "PROTECT",
"description": "PROTECT - Protect rules are defined per policy based IPSec VPN session. BYPASS - Bypass rules are defined per IPSec VPN service and affects all policy based IPSec VPN sessions. Bypass rules are prioritized over protect rules.",
"enum": [
"PROTECT",
"BYPASS"
],
"readonly": true,
"title": "Action to be applied",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destinations": {
"description": "List of peer subnets. Specifying no value is interpreted as 0.0.0.0/0.",
"items": {
"$ref": "IPSecVpnSubnet
},
"maxItems": 128,
"required": false,
"title": "Destination list",
"type": "array"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "A flag to enable/disable the rule.",
"title": "Enabled flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"logged": {
"default": false,
"description": "A flag to enable/disable the logging for the rule.",
"title": "Logging flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sequence_number": {
"description": "A sequence number is used to give a priority to an IPSecVpnRule.",
"minimum": 0,
"required": false,
"title": "Sequence number of the IPSecVpnRule",
"type": "int"
},
"sources": {
"description": "List of local subnets. Specifying no value is interpreted as 0.0.0.0/0.",
"items": {
"$ref": "IPSecVpnSubnet
},
"maxItems": 128,
"required": false,
"title": "Source list",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IPSec VPN Rule",
"type": "object"
}
IPSecVpnService (type)
{
"additionalProperties": false,
"description": "Create and manage IPSec VPN service under tier-0/tier-1.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IPSecVpnService",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"bypass_rules": {
"description": "Bypass policy rules are configured using VPN service. Bypass rules always have higher priority over protect rules and they affect all policy based vpn sessions associated with the IPSec VPN service. Protect rules are defined per policy based vpn session.",
"items": {
"$ref": "IPSecVpnRule
},
"required": false,
"title": "Bypass Policy rules",
"type": "array"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "If true, enable VPN services under tier-0/tier-1.",
"title": "Enable virtual private network (VPN) service",
"type": "boolean"
},
"ha_sync": {
"default": true,
"description": "Enable/disable IPSec HA state sync. IPSec HA state sync can be disabled if in case there are performance issues w.r.t. the state sync messages.",
"title": "Flag to enable IPSec HA State Sync",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ike_log_level": {
"default": "INFO",
"description": "Log level for internet key exchange (IKE).",
"enum": [
"DEBUG",
"INFO",
"WARN",
"ERROR",
"EMERGENCY"
],
"title": "Internet key exchange (IKE) log level",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IPSec VPN service",
"type": "object"
}
IPSecVpnSession (type)
{
"abstract": true,
"additionalProperties": false,
"description": "VPN session defines connection between local and peer endpoint. Until VPN session is defined configuration is not realized.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IPSecVpnSession",
"module_id": "PolicyVpnIPSecVpn",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"authentication_mode": {
"default": "PSK",
"description": "Peer authentication mode. PSK - In this mode a secret key shared between local and peer sites is to be used for authentication. The secret key can be a string with a maximum length of 128 characters. CERTIFICATE - In this mode a certificate defined at the global level is to be used for authentication.",
"enum": [
"PSK",
"CERTIFICATE"
],
"title": "Authentication Mode",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"compliance_suite": {
"description": "Compliance suite.",
"enum": [
"CNSA",
"SUITE_B_GCM_128",
"SUITE_B_GCM_256",
"PRIME",
"FOUNDATION",
"FIPS",
"NONE"
],
"title": "Compliance suite",
"type": "string"
},
"connection_initiation_mode": {
"default": "INITIATOR",
"description": "Connection initiation mode used by local endpoint to establish ike connection with peer site. INITIATOR - In this mode local endpoint initiates tunnel setup and will also respond to incoming tunnel setup requests from peer gateway. RESPOND_ONLY - In this mode, local endpoint shall only respond to incoming tunnel setup requests. It shall not initiate the tunnel setup. ON_DEMAND - In this mode local endpoint will initiate tunnel creation once first packet matching the policy rule is received and will also respond to incoming initiation request.",
"enum": [
"INITIATOR",
"RESPOND_ONLY",
"ON_DEMAND"
],
"title": "Connection initiation mode",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dpd_profile_path": {
"description": "Policy path referencing Dead Peer Detection (DPD) profile. Default is set to system default profile.",
"title": "Dead peer detection (DPD) profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_DPD_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnDpdProfile"
]
},
{
"leftType": [
"RouteBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_DPD_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnDpdProfile"
]
}
]
},
"enabled": {
"default": true,
"description": "Enable/Disable IPSec VPN session.",
"title": "Enable/Disable IPSec VPN session",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ike_profile_path": {
"description": "Policy path referencing IKE profile to be used. Default is set according to system default profile.",
"title": "Internet key exchange (IKE) profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_IKE_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnIkeProfile"
]
},
{
"leftType": [
"RouteBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_IKE_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnIkeProfile"
]
}
]
},
"local_endpoint_path": {
"description": "Policy path referencing Local endpoint. This property is mandatory on LM. It is required on GM only in case of site_overrides property not provided.",
"required": false,
"title": "Local endpoint path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_LOCAL_ENDPOINT_RELATIONSHIP",
"rightType": [
"IPSecVpnLocalEndpoint"
]
},
{
"leftType": [
"RouteBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_LOCAL_ENDPOINT_RELATIONSHIP",
"rightType": [
"IPSecVpnLocalEndpoint"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"peer_address": {
"description": "Public IPV4 address of the remote device terminating the VPN connection. This property is mandatory on LM. It is required on GM only in case of site_overrides property not provided.",
"required": false,
"title": "IPV4 address of peer endpoint on remote site",
"type": "string"
},
"peer_id": {
"description": "Peer ID to uniquely identify the peer site. The peer ID is the public IP address of the remote device terminating the VPN tunnel. When NAT is configured for the peer, enter the private IP address of the peer. This property is mandatory on LM. It is required on GM only in case of site_overrides property not provided.",
"required": false,
"title": "Peer id",
"type": "string"
},
"psk": {
"description": "IPSec Pre-shared key. Maximum length of this field is 128 characters.",
"sensitive": true,
"title": "Pre-shared key",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"$ref": "IPSecVpnSessionResourceType,
"required": true
},
"site_overrides": {
"description": "A collection of site specific attributes specificed only on GM",
"items": {
"$ref": "SiteOverride
},
"maxItems": 128,
"required": false,
"title": "SiteOverride list",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_mss_clamping": {
"$ref": "TcpMaximumSegmentSizeClamping,
"description": "TCP Maximum Segment Size Clamping Direction and Value.",
"title": "TCP MSS Clamping"
},
"tunnel_profile_path": {
"description": "Policy path referencing Tunnel profile to be used. Default is set to system default profile.",
"title": "IPSec tunnel profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_TUNNEL_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnTunnelProfile"
]
},
{
"leftType": [
"RouteBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_TUNNEL_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnTunnelProfile"
]
}
]
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IPSec VPN session",
"type": "object"
}
IPSecVpnSessionResourceType (type)
{
"additionalProperties": false,
"description": "A Policy Based VPN requires to define protect rules that match local and peer subnets. IPSec security associations is negotiated for each pair of local and peer subnet. A Route Based VPN is more flexible, more powerful and recommended over policy based VPN. IP Tunnel port is created and all traffic routed via tunnel port is protected. Routes can be configured statically or can be learned through BGP. A route based VPN is must for establishing redundant VPN session to remote site.",
"enum": [
"PolicyBasedIPSecVpnSession",
"RouteBasedIPSecVpnSession"
],
"id": "IPSecVpnSessionResourceType",
"module_id": "PolicyVpnIPSecVpn",
"title": "Resource types of IPsec VPN session",
"type": "string"
}
IPSecVpnSubnet (type)
{
"additionalProperties": false,
"description": "Used to specify the local/peer subnets in IPSec VPN rule.",
"id": "IPSecVpnSubnet",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"subnet": {
"$ref": "IPv4CIDRBlock,
"description": "Subnet used in policy rule.",
"required": true,
"title": "Peer or local subnet"
}
},
"title": "Subnet for IPSec Policy based VPN",
"type": "object"
}
IPSecVpnTunnelInterface (type)
{
"additionalProperties": false,
"description": "IP tunnel interface configuration.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IPSecVpnTunnelInterface",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_subnets": {
"description": "IP Tunnel interface (commonly referred as VTI) subnet.",
"items": {
"$ref": "TunnelInterfaceIPSubnet
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "IP Tunnel interface subnet",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IP tunnel interface configuration",
"type": "object"
}
IPSecVpnTunnelProfile (type)
{
"additionalProperties": false,
"description": "IPSec VPN tunnel profile is a reusable profile that captures phase two negotiation parameters and IPSec tunnel properties. Any changes affects all IPSec VPN sessions consuming this profile.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IPSecVpnTunnelProfile",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"df_policy": {
"default": "COPY",
"description": "Defragmentation policy helps to handle defragmentation bit present in the inner packet. COPY copies the defragmentation bit from the inner IP packet into the outer packet. CLEAR ignores the defragmentation bit present in the inner packet.",
"enum": [
"COPY",
"CLEAR"
],
"title": "Policy for handling defragmentation bit",
"type": "string"
},
"dh_groups": {
"description": "Diffie-Hellman group to be used if PFS is enabled. Default is GROUP14.",
"items": {
"$ref": "DhGroup
},
"title": "Dh group",
"type": "array"
},
"digest_algorithms": {
"description": "Algorithm to be used for message digest. Default digest algorithm is implicitly covered by default encryption algorithm \"AES_GCM_128\".",
"items": {
"$ref": "IPSecDigestAlgorithm
},
"title": "Algorithm for message hash",
"type": "array"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_perfect_forward_secrecy": {
"default": true,
"description": "If true, perfect forward secrecy (PFS) is enabled.",
"title": "Enable perfect forward secrecy",
"type": "boolean"
},
"encryption_algorithms": {
"description": "Encryption algorithm to encrypt/decrypt the messages exchanged between IPSec VPN initiator and responder during tunnel negotiation. Default is AES_GCM_128.",
"items": {
"$ref": "IPSecEncryptionAlgorithm
},
"title": "Encryption algorithm to use in IPSec tunnel establishement",
"type": "array"
},
"extended_attributes": {
"description": "Collection of type specific properties. As of now, to hold encapsulation mode and transform protocol.",
"items": {
"$ref": "AttributeVal
},
"readonly": true,
"required": false,
"title": "Extended Attributes.",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sa_life_time": {
"default": 3600,
"description": "SA life time specifies the expiry time of security association. Default is 3600 seconds.",
"maximum": 31536000,
"minimum": 900,
"title": "Security association (SA) life time",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IPSec VPN tunnel profile",
"type": "object"
}
IPSubnet (type)
{
"additionalProperties": false,
"id": "IPSubnet",
"module_id": "LogicalRouterPorts",
"properties": {
"ip_addresses": {
"description": "All IP addresses, some of which may be automatically configured. When updating this field, the payload may contain only the IP addresses that should be changed, or may contain the IP addresses to change as well as the automatically assigned addresses. Currently, only one updatable address and one system-maintained address are supported. Currently, the system-maintained address supported is Extended Unique Identifier(EUI)-64 address. EUI-64 address is generated by the system only when user configured ip-subnet has prefix length less than or equal to 64.",
"items": {
"$ref": "IPAddress
},
"maxItems": 2,
"minItems": 1,
"required": true,
"title": "IP Addresses",
"type": "array"
},
"prefix_length": {
"maximum": 128,
"minimum": 1,
"required": true,
"title": "Subnet Prefix Length",
"type": "integer"
}
},
"type": "object"
}
IPv4Address (type)
{
"format": "ipv4",
"id": "IPv4Address",
"module_id": "Common",
"title": "IPv4 address",
"type": "string"
}
IPv4AddressProperties (type)
{
"additionalProperties": false,
"id": "IPv4AddressProperties",
"properties": {
"ip_address": {
"pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$",
"title": "Interface IPv4 address",
"type": "string"
},
"netmask": {
"pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$",
"title": "Interface netmask",
"type": "string"
}
},
"title": "IPv4 address properties",
"type": "object"
}
IPv4CIDRBlock (type)
{
"format": "ipv4-cidr-block",
"id": "IPv4CIDRBlock",
"module_id": "Common",
"title": "IPv4 CIDR Block",
"type": "string"
}
IPv4DiscoveryOptions (type)
{
"additionalProperties": false,
"description": "Contains IPv4 related discovery options.",
"id": "IPv4DiscoveryOptions",
"module_id": "PolicyIpDiscovery",
"properties": {
"arp_snooping_config": {
"$ref": "ArpSnoopingConfig,
"description": "Indicates ARP snooping options",
"required": false,
"title": "ARP snooping configuration"
},
"dhcp_snooping_enabled": {
"default": true,
"description": "Indicates whether DHCP snooping is enabled",
"required": false,
"title": "Is DHCP snooping enabled or not",
"type": "boolean"
},
"vmtools_enabled": {
"default": true,
"description": "Indicates whether fetching IP using vm-tools is enabled. This option is only supported on ESX where vm-tools is installed.",
"required": false,
"title": "Is VM tools enabled or not",
"type": "boolean"
}
},
"title": "IPv4 discovery options",
"type": "object"
}
IPv6Address (type)
{
"format": "ipv6",
"id": "IPv6Address",
"module_id": "Common",
"title": "IPv6 address",
"type": "string"
}
IPv6CIDRBlock (type)
{
"format": "ipv6-cidr-block",
"id": "IPv6CIDRBlock",
"module_id": "Common",
"title": "IPv6 CIDR Block",
"type": "string"
}
IPv6DADStatus (type)
{
"additionalProperties": false,
"id": "IPv6DADStatus",
"module_id": "LogicalRouterPorts",
"properties": {
"ip_address": {
"$ref": "IPAddress,
"description": "IP address on the port for which DAD status is reported.",
"readonly": true,
"required": false,
"title": "IP address"
},
"status": {
"$ref": "DADStatus,
"description": "DAD status for IP address on the port.",
"readonly": true,
"required": false,
"title": "DAD Status"
},
"transport_node": {
"description": "Array of transport node id on which DAD status is reported for given IP address.",
"items": {
"$ref": "ResourceReference
},
"readonly": true,
"required": false,
"title": "Transport node",
"type": "array"
}
},
"title": "IPv6 DAD status",
"type": "object"
}
IPv6DiscoveryOptions (type)
{
"additionalProperties": false,
"description": "Contains IPv6 related discovery options.",
"id": "IPv6DiscoveryOptions",
"module_id": "PolicyIpDiscovery",
"properties": {
"dhcp_snooping_v6_enabled": {
"default": false,
"description": "Enable this method will snoop the DHCPv6 message transaction which a VM makes with a DHCPv6 server. From the transaction, we learn the IPv6 addresses assigned by the DHCPv6 server to this VM along with its lease time.",
"required": false,
"title": "Is DHCP snoping v6 enabled or not",
"type": "boolean"
},
"nd_snooping_config": {
"$ref": "NdSnoopingConfig,
"description": "Indicates ND snooping options",
"required": false,
"title": "ND snooping configuration"
},
"vmtools_v6_enabled": {
"default": false,
"description": "Enable this method will learn the IPv6 addresses which are configured on interfaces of a VM with the help of the VMTools software.",
"required": false,
"type": "boolean"
}
},
"title": "IPv6 discovery options",
"type": "object"
}
IPv6Status (type)
{
"additionalProperties": false,
"id": "IPv6Status",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"connected_segment_path": {
"description": "Path of the segment attached to the interface.",
"readonly": true,
"required": false,
"title": "Connected segment path",
"type": "string"
},
"dad_statuses": {
"description": "Array of DAD status which contains DAD information for IP addresses on the interface.",
"items": {
"$ref": "IPv6DADStatus
},
"readonly": true,
"title": "IPv6 DAD status",
"type": "array"
},
"interface_id": {
"description": "Policy path or realization ID of interface for which IPv6 DAD status is returned.",
"title": "Policy path or realization ID of interface",
"type": "string"
},
"tier0_gateway": {
"description": "Tier-0 Gateway this router Link belongs to.",
"title": "Tier-0 Gateway",
"type": "string"
},
"tier1_gateway": {
"description": "Tier-1 Gateway this router Link belongs to.",
"title": "Tier-1 Gateway",
"type": "string"
}
},
"title": "IPv6 status",
"type": "object"
}
IcmpEchoRequestHeader (type)
{
"additionalProperties": false,
"id": "IcmpEchoRequestHeader",
"module_id": "Traceflow",
"properties": {
"id": {
"default": 0,
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "ICMP id",
"type": "integer"
},
"sequence": {
"default": 0,
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "ICMP sequence number",
"type": "integer"
}
},
"type": "object"
}
Icon (type)
{
"additionalProperties": false,
"description": "Icon to be applied at dashboard for widgets and UI elements.",
"id": "Icon",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"color": {
"description": "Icon color applied to icon in hex format.",
"title": "Icon color applied to icon in hex format",
"type": "string"
},
"placement": {
"default": "PRE",
"description": "If specified as PRE, the icon appears before the UI element. If set as POST, the icon appears after the UI element.",
"enum": [
"PRE",
"POST"
],
"title": "Position at which to display icon, if any",
"type": "string"
},
"size": {
"description": "Icon size in unit applied to icon.A unit can be specified by the 'size_unit' property.",
"minimum": 1,
"title": "Icon size in unit",
"type": "number"
},
"size_unit": {
"description": "Icon size unit applied to icon along with size. if 'size' property value is provided and no value is provided for this property then default value for this proerty is set to 'px'.",
"enum": [
"px",
"rem",
"pc"
],
"title": "Icon size unit in rem/px/pc",
"type": "string"
},
"tooltip": {
"description": "Multi-line text to be shown on tooltip while hovering over the icon.",
"items": {
"$ref": "Tooltip
},
"title": "Multi-line tooltip",
"type": "array"
},
"type": {
"description": "Icon will be rendered based on its type. For example, if ERROR is chosen, then icon representing error will be rendered. or else custom svg icon name can be given.",
"title": "Type of icon",
"type": "string"
}
},
"title": "Icon",
"type": "object"
}
IdentityGroupExpression (type)
{
"additionalProperties": false,
"description": "Represents a list of identity group (Ad group SID) expressions.",
"extends": {
"$ref": "Expression
},
"id": "IdentityGroupExpression",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "IdentityGroupExpression"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"identity_groups": {
"description": "This array consists of set of identity group object. All members within this array are implicitly OR'ed together.",
"items": {
"$ref": "IdentityGroupInfo
},
"maxItems": 500,
"minItems": 1,
"required": true,
"title": "Array of identity group",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"enum": [
"Condition",
"ConjunctionOperator",
"NestedExpression",
"IPAddressExpression",
"MACAddressExpression",
"ExternalIDExpression",
"PathExpression",
"IdentityGroupExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IdentityGroup expression node",
"type": "object"
}
IdentityGroupInfo (type)
{
"id": "IdentityGroupInfo",
"module_id": "PolicyIdentity",
"properties": {
"distinguished_name": {
"description": "Each LDAP object is uniquely identified by its distinguished name (DN). A DN is a sequence of relative distinguished names (RDN) connected by commas. e.g. CN=Larry Cole,CN=admin,DC=corp,DC=acme,DC=com. A valid fully qualified distinguished name should be provided to include specific groups else the create / update realization of the Group containing an invalid/ partial DN will fail. This value is valid only if it matches to exactly 1 LDAP object on the LDAP server.",
"required": true,
"title": "LDAP distinguished name",
"type": "string"
},
"domain_base_distinguished_name": {
"description": "This is the base distinguished name for the domain where this particular group resides. (e.g. dc=example,dc=com) Each active directory domain has a domain naming context (NC), which contains domain-specific data. The root of this naming context is represented by a domain's distinguished name (DN) and is typically referred to as the NC head.",
"required": true,
"title": "Identity (Directory) domain base distinguished name",
"type": "string"
},
"sid": {
"description": "A security identifier (SID) is a unique value of variable length used to identify a trustee. A SID consists of the following components: The revision level of the SID structure; A 48-bit identifier authority value that identifies the authority that issued the SID; A variable number of subauthority or relative identifier (RID) values that uniquely identify the trustee relative to the authority that issued the SID. This field is only populated for Microsoft Active Directory identity store.",
"required": false,
"title": "Identity (Directory) Group SID (security identifier)",
"type": "string"
}
},
"title": "Identity (Directory) group",
"type": "object"
}
IdentitySourceLdapServer (type)
{
"description": "Information about a single LDAP server.",
"id": "IdentitySourceLdapServer",
"module_id": "LdapIdentitySources",
"properties": {
"bind_identity": {
"description": "A username used to authenticate to the directory when admnistering roles in NSX. This user should have privileges to search the LDAP directory for groups and users. This user is also used in some cases (OpenLDAP) to look up an NSX user's distinguished name based on their NSX login name. If omitted, NSX will authenticate to the LDAP server using an LDAP anonymous bind operation. For Active Directory, provide a userPrincipalName (e.g. [email protected]) or the full distinguished nane. For OpenLDAP, provide the distinguished name of the user (e.g. uid=admin, cn=airius, dc=com).",
"title": "Username or DN for LDAP authentication",
"type": "string"
},
"certificates": {
"description": "If using LDAPS or STARTTLS, provide the X.509 certificate of the LDAP server in PEM format. This property is not required when connecting without TLS encryption and is ignored in that case.",
"items": {
"type": "string"
},
"title": "TLS certificate(s) for LDAP server(s)",
"type": "array"
},
"enabled": {
"default": true,
"description": "Allows the LDAP server to be enabled or disabled. When disabled, this LDAP server will not be used to authenticate users.",
"title": "If true, this LDAP server is enabled",
"type": "boolean"
},
"password": {
"description": "A password used when authenticating to the directory.",
"sensitive": true,
"title": "Username for LDAP authentication",
"type": "string"
},
"url": {
"description": "The URL for the LDAP server. Supported URL schemes are LDAP and LDAPS. Either a hostname or an IP address may be given, and the port number is optional and defaults to 389 for the LDAP scheme and 636 for the LDAPS scheme.",
"required": true,
"title": "The URL for the LDAP server",
"type": "string"
},
"use_starttls": {
"default": false,
"description": "If set to true, Use the StartTLS extended operation to upgrade the connection to TLS before sending any sensitive information. The LDAP server must support the StartTLS extended operation in order for this protocol to operate correctly. This option is ignored if the URL scheme is LDAPS.",
"title": "Enable/disable StartTLS",
"type": "boolean"
}
},
"title": "An LDAP server",
"type": "object"
}
IdentitySourceLdapServerEndpoint (type)
{
"description": "Information about a single LDAP server endpoint.",
"id": "IdentitySourceLdapServerEndpoint",
"module_id": "LdapIdentitySources",
"properties": {
"url": {
"description": "The URL for the LDAP server. Supported URL schemes are LDAP and LDAPS. Either a hostname or an IP address may be given, and the port number is optional and defaults to 389 for the LDAP scheme and 636 for the LDAPS scheme.",
"required": true,
"title": "The URL for the LDAP server",
"type": "string"
},
"use_starttls": {
"default": false,
"description": "If set to true, Use the StartTLS extended operation to upgrade the connection to TLS before sending any sensitive information. The LDAP server must support the StartTLS extended operation in order for this protocol to operate correctly. This option is ignored if the URL scheme is LDAPS.",
"title": "Eanble/disable StartTLS",
"type": "boolean"
}
},
"title": "An LDAP server endpoint",
"type": "object"
}
IdentitySourceLdapServerProbeResult (type)
{
"description": "The results of probing an individual LDAP server.",
"id": "IdentitySourceLdapServerProbeResult",
"module_id": "LdapIdentitySources",
"properties": {
"errors": {
"description": "Detail about errors encountered during the probe.",
"items": {
"$ref": "LdapProbeError
},
"title": "Error details",
"type": "array"
},
"result": {
"description": "Overall result of the probe. If the probe was able to connect to the LDAP service, authenticate using the provided credentials, and perform searches of the configured user and group search bases without error, the result is SUCCESS. Otherwise, the result is FAILURE, and additional details may be found in the errors property.",
"enum": [
"SUCCESS",
"FAILURE"
],
"title": "Overall result",
"type": "string"
},
"url": {
"description": "THe URL of the probed LDAP host.",
"title": "LDAP Server URL",
"type": "string"
}
},
"title": "Results from one LDAP server probe",
"type": "object"
}
IdsClusterConfig (type)
{
"additionalProperties": false,
"description": "IDS configuration to enable/disable IDS on cluster level.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IdsClusterConfig",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"cluster": {
"$ref": "PolicyResourceReference,
"description": "Contains policy resource reference object",
"readonly": false,
"required": true,
"title": "PolicyResourceReference"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ids_enabled": {
"description": "If set to true, IDS is enabled on the respective cluster",
"readonly": false,
"required": true,
"title": "Ids enabled flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Intrusion Detection System cluster configuration",
"type": "object"
}
IdsGatewayPolicy (type)
{
"description": "Represents the Intrusion Detection System Gateway Policy, which contains the list of IDS Rules.",
"extends": {
"$ref": "IdsPolicy
},
"id": "IdsGatewayPolicy",
"module_id": "PolicyIDSGateway",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"category": {
"description": "- Distributed Firewall - Policy framework provides five pre-defined categories for classifying a security policy. They are \"Ethernet\",\"Emergency\", \"Infrastructure\" \"Environment\" and \"Application\". There is a pre-determined order in which the policy framework manages the priority of these security policies. Ethernet category is for supporting layer 2 firewall rules. The other four categories are applicable for layer 3 rules. Amongst them, the Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a security policy into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four categories. - Edge Firewall - Policy Framework for Edge Firewall provides six pre-defined categories \"Emergency\", \"SystemRules\", \"SharedPreRules\", \"LocalGatewayRules\", \"AutoServiceRules\" and \"Default\", in order of priority of rules. All categories are allowed for Gatetway Policies that belong to 'default' Domain. However, for user created domains, category is restricted to \"SharedPreRules\" or \"LocalGatewayRules\" only. Also, the users can add/modify/delete rules from only the \"SharedPreRules\" and \"LocalGatewayRules\" categories. If user doesn't specify the category then defaulted to \"Rules\". System generated category is used by NSX created rules, for example BFD rules. Autoplumbed category used by NSX verticals to autoplumb data path rules. Finally, \"Default\" category is the placeholder default rules with lowest in the order of priority.",
"required": false,
"title": "A way to classify a security policy, if needed.",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"comments": {
"description": "Comments for security policy lock/unlock.",
"readonly": false,
"required": false,
"title": "SecurityPolicy lock/unlock comments",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"internal_sequence_number": {
"description": "This field is to indicate the internal sequence number of a policy with respect to the policies across categories.",
"readonly": true,
"title": "Internal sequence number",
"type": "int"
},
"is_default": {
"description": "A flag to indicate whether policy is a default policy.",
"readonly": true,
"required": false,
"title": "Default policy flag",
"type": "boolean"
},
"lock_modified_by": {
"description": "ID of the user who last modified the lock for the secruity policy.",
"readonly": true,
"required": false,
"title": "User who locked the security policy",
"type": "string"
},
"lock_modified_time": {
"$ref": "EpochMsTimestamp,
"description": "SecurityPolicy locked/unlocked time in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "SecuirtyPolicy locked/unlocked time"
},
"locked": {
"default": false,
"description": "Indicates whether a security policy should be locked. If the security policy is locked by a user, then no other user would be able to modify this security policy. Once the user releases the lock, other users can update this security policy.",
"required": false,
"title": "Lock a security policy",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_count": {
"description": "The count of rules in the policy.",
"readonly": true,
"title": "Rule count",
"type": "int"
},
"rules": {
"items": {
"$ref": "IdsRule
},
"required": false,
"title": "IDS Rules that are a part of this SecurityPolicy",
"type": "array"
},
"scheduler_path": {
"description": "Provides a mechanism to apply the rules in this policy for a specified time duration.",
"readonly": false,
"required": false,
"title": "Path to the scheduler for time based scheduling",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SECURITY_POLICY_SCHEDULER_RELATIONSHIP",
"rightType": [
"PolicyFirewallScheduler"
]
}
]
},
"scope": {
"description": "The list of group paths where the rules in this policy will get applied. This scope will take precedence over rule level scope. Supported only for security and redirection policies. In case of RedirectionPolicy, it is expected only when the policy is NS and redirecting to service chain.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"PolicyLabel"
]
},
{
"leftType": [
"RedirectionPolicy"
],
"relationshipType": "REDIRECTION_COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"Tier1",
"Tier0"
]
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between security policies across domains. In order to change the sequence number of a policy one can fire a POST request on the policy entity with a query parameter action=revise The sequence number field will reflect the value of the computed sequence number upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several security policies, the only way to set the sequence number is to explicitly specify the sequence number for each security policy. If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple policies with the same sequence number then their order is not deterministic. If a specific order of policies is desired, then one has to specify unique sequence numbers or use the POST request on the policy entity with a query parameter action=revise to let the framework assign a sequence number. The value of sequence number must be between 0 and 999,999.",
"minimum": 0,
"title": "Sequence number to resolve conflicts across Domains",
"type": "int"
},
"stateful": {
"description": "Stateful or Stateless nature of security policy is enforced on all rules in this security policy. When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Layer3 security policies can be stateful or stateless. By default, they are stateful. Layer2 security policies can only be stateless.",
"readonly": false,
"required": false,
"title": "Stateful nature of the entries within this security policy.",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_strict": {
"description": "Ensures that a 3 way TCP handshake is done before the data packets are sent. tcp_strict=true is supported only for stateful security policies. If the tcp_strict flag is not specified and the security policy is stateful, then tcp_strict will be set to true.",
"readonly": false,
"required": false,
"title": "Enforce strict tcp handshake before allowing data packets",
"type": "boolean"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Contains ordered list of IDS Rules",
"type": "object"
}
IdsGlobalEventConfig (type)
{
"additionalProperties": false,
"description": "Represents IDS event publishing configuration for NSX-I and NDR.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IdsGlobalEventConfig",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ids_data_topic_name": {
"default": "ids_data",
"required": false,
"title": "kafka topic into which to publish IDS events.",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"publish_ids_events": {
"default": false,
"description": "When this flag is set to true, IDS events will be sent to kafka, for consumption by components such as NSX-I and NDR.",
"required": false,
"title": "A flag to indicate if IDS events need to be sent to kafka",
"type": "boolean"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Intrusion Detection System global event configuration\n",
"type": "object"
}
IdsPolicy (type)
{
"description": "Represents the Intrusion Detection System Policy, which contains the list of IDS Rules.",
"extends": {
"$ref": "Policy
},
"id": "IdsPolicy",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"category": {
"description": "- Distributed Firewall - Policy framework provides five pre-defined categories for classifying a security policy. They are \"Ethernet\",\"Emergency\", \"Infrastructure\" \"Environment\" and \"Application\". There is a pre-determined order in which the policy framework manages the priority of these security policies. Ethernet category is for supporting layer 2 firewall rules. The other four categories are applicable for layer 3 rules. Amongst them, the Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a security policy into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four categories. - Edge Firewall - Policy Framework for Edge Firewall provides six pre-defined categories \"Emergency\", \"SystemRules\", \"SharedPreRules\", \"LocalGatewayRules\", \"AutoServiceRules\" and \"Default\", in order of priority of rules. All categories are allowed for Gatetway Policies that belong to 'default' Domain. However, for user created domains, category is restricted to \"SharedPreRules\" or \"LocalGatewayRules\" only. Also, the users can add/modify/delete rules from only the \"SharedPreRules\" and \"LocalGatewayRules\" categories. If user doesn't specify the category then defaulted to \"Rules\". System generated category is used by NSX created rules, for example BFD rules. Autoplumbed category used by NSX verticals to autoplumb data path rules. Finally, \"Default\" category is the placeholder default rules with lowest in the order of priority.",
"required": false,
"title": "A way to classify a security policy, if needed.",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"comments": {
"description": "Comments for security policy lock/unlock.",
"readonly": false,
"required": false,
"title": "SecurityPolicy lock/unlock comments",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"internal_sequence_number": {
"description": "This field is to indicate the internal sequence number of a policy with respect to the policies across categories.",
"readonly": true,
"title": "Internal sequence number",
"type": "int"
},
"is_default": {
"description": "A flag to indicate whether policy is a default policy.",
"readonly": true,
"required": false,
"title": "Default policy flag",
"type": "boolean"
},
"lock_modified_by": {
"description": "ID of the user who last modified the lock for the secruity policy.",
"readonly": true,
"required": false,
"title": "User who locked the security policy",
"type": "string"
},
"lock_modified_time": {
"$ref": "EpochMsTimestamp,
"description": "SecurityPolicy locked/unlocked time in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "SecuirtyPolicy locked/unlocked time"
},
"locked": {
"default": false,
"description": "Indicates whether a security policy should be locked. If the security policy is locked by a user, then no other user would be able to modify this security policy. Once the user releases the lock, other users can update this security policy.",
"required": false,
"title": "Lock a security policy",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_count": {
"description": "The count of rules in the policy.",
"readonly": true,
"title": "Rule count",
"type": "int"
},
"rules": {
"items": {
"$ref": "IdsRule
},
"required": false,
"title": "IDS Rules that are a part of this SecurityPolicy",
"type": "array"
},
"scheduler_path": {
"description": "Provides a mechanism to apply the rules in this policy for a specified time duration.",
"readonly": false,
"required": false,
"title": "Path to the scheduler for time based scheduling",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SECURITY_POLICY_SCHEDULER_RELATIONSHIP",
"rightType": [
"PolicyFirewallScheduler"
]
}
]
},
"scope": {
"description": "The list of group paths where the rules in this policy will get applied. This scope will take precedence over rule level scope. Supported only for security and redirection policies. In case of RedirectionPolicy, it is expected only when the policy is NS and redirecting to service chain.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"PolicyLabel"
]
},
{
"leftType": [
"RedirectionPolicy"
],
"relationshipType": "REDIRECTION_COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"Tier1",
"Tier0"
]
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between security policies across domains. In order to change the sequence number of a policy one can fire a POST request on the policy entity with a query parameter action=revise The sequence number field will reflect the value of the computed sequence number upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several security policies, the only way to set the sequence number is to explicitly specify the sequence number for each security policy. If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple policies with the same sequence number then their order is not deterministic. If a specific order of policies is desired, then one has to specify unique sequence numbers or use the POST request on the policy entity with a query parameter action=revise to let the framework assign a sequence number. The value of sequence number must be between 0 and 999,999.",
"minimum": 0,
"title": "Sequence number to resolve conflicts across Domains",
"type": "int"
},
"stateful": {
"description": "Stateful or Stateless nature of security policy is enforced on all rules in this security policy. When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Layer3 security policies can be stateful or stateless. By default, they are stateful. Layer2 security policies can only be stateless.",
"readonly": false,
"required": false,
"title": "Stateful nature of the entries within this security policy.",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_strict": {
"description": "Ensures that a 3 way TCP handshake is done before the data packets are sent. tcp_strict=true is supported only for stateful security policies. If the tcp_strict flag is not specified and the security policy is stateful, then tcp_strict will be set to true.",
"readonly": false,
"required": false,
"title": "Enforce strict tcp handshake before allowing data packets",
"type": "boolean"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Contains ordered list of IDS Rules",
"type": "object"
}
IdsProfile (type)
{
"additionalProperties": false,
"description": "IDS Profile which contains the signatures and will be used in IDS rules.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IdsProfile",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"criteria": {
"description": "Represents the filtering criteria for the IDS Profile. 1. A non-empty criteria list, must be of odd size. In a list, with indices starting from 0, all IdsProfileFilterCriteria must be at even indices, separated by the IdsProfileConjunctionOperator AND at odd indices. 2. There may be at most 7 IdsProfileCriteria objects inside a list.",
"items": {
"$ref": "IdsProfileCriteria
},
"maxItems": 7,
"required": false,
"title": "Filtering criteria of IDS Profile",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"overridden_signatures": {
"description": "Represents the signatures that has been overridden for this Profile.",
"items": {
"$ref": "IdsProfileLocalSignature
},
"required": false,
"title": "Represents the signatures that is overridden for the Profile",
"type": "array"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profile_severity": {
"description": "Represents the severities of signatures which are part of this profile.",
"items": {
"$ref": "ProfileSeverity
},
"required": false,
"title": "IDS Profile severity",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"severities": {
"deprecated": true,
"description": "Represents the severities of signatures which are part of this profile.",
"items": {
"$ref": "IdsProfileSeverity
},
"required": false,
"title": "IDS Profile severity",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Intrusion Detection System Profile",
"type": "object"
}
IdsProfileConjunctionOperator (type)
{
"additionalProperties": false,
"description": "Represents the operator AND.",
"extends": {
"$ref": "IdsProfileCriteria
},
"id": "IdsProfileConjunctionOperator",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "IdsProfileConjunctionOperator"
},
"properties": {
"operator": {
"enum": [
"AND"
],
"required": true,
"title": "IDS Profile Filter Condition",
"type": "string"
},
"resource_type": {
"enum": [
"IdsProfileConjunctionOperator",
"IdsProfileFilterCriteria"
],
"required": true,
"type": "string"
}
},
"title": "Represents the operator AND",
"type": "object"
}
IdsProfileCriteria (type)
{
"abstract": true,
"additionalProperties": false,
"description": "All the filtering criteria objects extend from this abstract class. This is present for extensibility.",
"id": "IdsProfileCriteria",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"enum": [
"IdsProfileConjunctionOperator",
"IdsProfileFilterCriteria"
],
"required": true,
"type": "string"
}
},
"title": "Base class for IDS Profile criteria",
"type": "object"
}
IdsProfileFilterCriteria (type)
{
"additionalProperties": false,
"description": "Represents the filtering criteria of a IDS Profile.",
"extends": {
"$ref": "IdsProfileCriteria
},
"id": "IdsProfileFilterCriteria",
"module_id": "PolicyIDS",
"polymorphic-type-descriptor": {
"type-identifier": "IdsProfileFilterCriteria"
},
"properties": {
"filter_name": {
"description": "Represents the filter for IDS Profile.",
"enum": [
"CVSS",
"ATTACK_TARGET",
"ATTACK_TYPE",
"PRODUCT_AFFECTED"
],
"required": true,
"title": "Represents the filter name",
"type": "string"
},
"filter_value": {
"description": "Represents the value of selected filter name. Note : The supported values for filter name CVSS are NONE, LOW, MEDIUM, HIGH, CRITICAL. NONE means CVSS score as 0.0 LOW means CVSS score as 0.1-3.9 MEDIUM means CVSS score as 4.0-6.9 HIGH means CVSS score as 7.0-8.9 CRITICAL means CVSS score as 9.0-10.0",
"items": {
"type": "string"
},
"required": true,
"title": "Represents the value of selected filter name",
"type": "array"
},
"resource_type": {
"enum": [
"IdsProfileConjunctionOperator",
"IdsProfileFilterCriteria"
],
"required": true,
"type": "string"
}
},
"title": "IDS Profile filter criteria",
"type": "object"
}
IdsProfileLocalSignature (type)
{
"additionalProperties": false,
"description": "IDS Profile local signature.",
"extends": {
"$ref": "GlobalIdsSignature
},
"id": "IdsProfileLocalSignature",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"description": "It denotes the global action of a IDS Signature. This will take precedence over IDS signature's action.",
"enum": [
"ALERT",
"DROP",
"REJECT"
],
"title": "Global IDS signature's action",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable": {
"default": true,
"description": "Flag through which user can Enable/Disable a Signature at Global Level.",
"title": "Flag to Enable/Disable a IDS Signature globally.",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"signature_id": {
"description": "Represents the Signature's id.",
"required": true,
"title": "Signature ID",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IDS Profile local signature",
"type": "object"
}
IdsProfileSeverity (type)
{
"additionalProperties": false,
"description": "Intrusion Detection System Profile severity.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IdsProfileSeverity",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ignore_signatures": {
"description": "Contains the id of signatures that will be ignored as part of the profile. This field is deprecated, please use ignore_signatures field under IdsProfile to ignore the signatures.",
"items": {
"type": "string"
},
"required": false,
"title": "Represents the signatures that will be ignored",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"severity": {
"description": "Represents the severity of a profile.",
"enum": [
"CRITICAL",
"HIGH",
"MEDIUM",
"LOW",
"SUSPICIOUS"
],
"required": true,
"title": "Severity of profile",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Intrusion Detection System Profile severity",
"type": "object"
}
IdsRule (type)
{
"additionalProperties": false,
"description": "Represents the Intrusion Detection System rule which indicates the action to be performed for the corresponding workload groups.",
"extends": {
"$ref": "BaseRule
},
"id": "IdsRule",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"description": "The action to be applied.",
"enum": [
"DETECT",
"DETECT_PREVENT"
],
"title": "Action",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destination_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Destination group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"destinations_excluded": {
"default": false,
"description": "If set to true, the rule gets applied on all the groups that are NOT part of the destination groups. If false, the rule applies to the destination groups",
"readonly": false,
"required": false,
"title": "Negation of destination groups",
"type": "boolean"
},
"direction": {
"default": "IN_OUT",
"description": "Define direction of traffic.",
"enum": [
"IN",
"OUT",
"IN_OUT"
],
"required": false,
"title": "Direction",
"type": "string"
},
"disabled": {
"default": false,
"description": "Flag to disable the rule. Default is enabled.",
"readonly": false,
"required": false,
"title": "Flag to disable the rule",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ids_profiles": {
"description": "collections of IDS or Anti-Malware profiles. At Max 1 each Profile will be supported.",
"items": {
"type": "string"
},
"maxItems": 2,
"minItems": 1,
"required": false,
"title": "IDS profiles",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_IDS_PROFILE_RELATIONSHIP",
"rightType": [
"IdsProfile"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_IDS_PROFILE_RELATIONSHIP",
"rightType": [
"MalwarePreventionProfile"
]
}
]
},
"ip_protocol": {
"description": "Type of IP packet that should be matched while enforcing the rule. The value is set to IPV4_IPV6 for Layer3 rule if not specified. For Layer2/Ether rule the value must be null.",
"enum": [
"IPV4",
"IPV6",
"IPV4_IPV6"
],
"readonly": false,
"required": false,
"title": "IPv4 vs IPv6 packet type",
"type": "string"
},
"is_default": {
"description": "A flag to indicate whether rule is a default rule.",
"readonly": true,
"required": false,
"title": "Default rule flag",
"type": "boolean"
},
"logged": {
"default": false,
"description": "Flag to enable packet logging. Default is disabled.",
"readonly": false,
"required": false,
"title": "Enable logging flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"notes": {
"description": "Text for additional notes on changes.",
"maxLength": 2048,
"readonly": false,
"required": false,
"title": "Text for additional notes on changes",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profiles": {
"description": "Holds the list of layer 7 service profile paths. These profiles accept attributes and sub-attributes of various network services (e.g. L4 AppId, encryption algorithm, domain name, etc) as key value pairs. Instead of Layer 7 service profiles you can use a L7 access profile. One of either Layer 7 service profiles or L7 Access Profile can be used in firewall rule. In case of L7 access profile only one is allowed.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Layer 7 service profiles or TLS action profile",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_CONTEXT_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyContextProfile"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_CONTEXT_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyContextProfile"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_IDS_PROFILE_RELATIONSHIP",
"rightType": [
"IdsProfile",
"IdsProfile"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_id": {
"description": "This is a unique 4 byte positive number that is assigned by the system. This rule id is passed all the way down to the data path. The first 1GB (1000 to 2^30) will be shared by GM and LM with zebra style striped number space. For E.g 1000 to (1Million -1) by LM, (1M - 2M-1) by GM and so on.",
"readonly": true,
"required": false,
"title": "Unique rule ID",
"type": "integer"
},
"scope": {
"description": "The list of policy paths where the rule is applied LR/Edge/T0/T1/LRP etc. Note that a given rule can be applied on multiple LRs/LRPs.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier0Interface",
"Tier1Interface",
"Tier0",
"Tier1",
"IPSecVpnSession",
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier1Interface",
"Tier0",
"Tier1Interface",
"Tier1",
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier1Interface",
"Tier0",
"Tier1Interface",
"Tier1",
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between multiple Rules under Security or Gateway Policy for a Domain If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple rules with the same sequence number then their order is not deterministic. If a specific order of rules is desired, then one has to specify unique sequence numbers or use the POST request on the rule entity with a query parameter action=revise to let the framework assign a sequence number",
"minimum": 0,
"required": false,
"title": "Sequence number of the this Rule",
"type": "int"
},
"service_entries": {
"description": "In order to specify raw services this can be used, along with services which contains path to services. This can be empty or null.",
"items": {
"$ref": "ServiceEntry
},
"maxItems": 128,
"required": false,
"title": "Raw services",
"type": "array"
},
"services": {
"description": "In order to specify all services, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the services array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Names of services",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"source_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Source group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"sources_excluded": {
"default": false,
"description": "If set to true, the rule gets applied on all the groups that are NOT part of the source groups. If false, the rule applies to the source groups",
"readonly": false,
"required": false,
"title": "Negation of source groups",
"type": "boolean"
},
"tag": {
"description": "User level field which will be printed in CLI and packet logs. Even though there is no limitation on length of a tag, internally tag will get truncated after 32 characters.",
"required": false,
"title": "Tag applied on the rule",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "A rule specifies the IDS security policy rule between the workload groups",
"type": "object"
}
IdsSecurityPolicy (type)
{
"description": "Represents the Intrusion Detection System Security Policy, which contains the list of IDS Rules.",
"extends": {
"$ref": "IdsPolicy
},
"id": "IdsSecurityPolicy",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"category": {
"description": "- Distributed Firewall - Policy framework provides five pre-defined categories for classifying a security policy. They are \"Ethernet\",\"Emergency\", \"Infrastructure\" \"Environment\" and \"Application\". There is a pre-determined order in which the policy framework manages the priority of these security policies. Ethernet category is for supporting layer 2 firewall rules. The other four categories are applicable for layer 3 rules. Amongst them, the Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a security policy into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four categories. - Edge Firewall - Policy Framework for Edge Firewall provides six pre-defined categories \"Emergency\", \"SystemRules\", \"SharedPreRules\", \"LocalGatewayRules\", \"AutoServiceRules\" and \"Default\", in order of priority of rules. All categories are allowed for Gatetway Policies that belong to 'default' Domain. However, for user created domains, category is restricted to \"SharedPreRules\" or \"LocalGatewayRules\" only. Also, the users can add/modify/delete rules from only the \"SharedPreRules\" and \"LocalGatewayRules\" categories. If user doesn't specify the category then defaulted to \"Rules\". System generated category is used by NSX created rules, for example BFD rules. Autoplumbed category used by NSX verticals to autoplumb data path rules. Finally, \"Default\" category is the placeholder default rules with lowest in the order of priority.",
"required": false,
"title": "A way to classify a security policy, if needed.",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"comments": {
"description": "Comments for security policy lock/unlock.",
"readonly": false,
"required": false,
"title": "SecurityPolicy lock/unlock comments",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"internal_sequence_number": {
"description": "This field is to indicate the internal sequence number of a policy with respect to the policies across categories.",
"readonly": true,
"title": "Internal sequence number",
"type": "int"
},
"is_default": {
"description": "A flag to indicate whether policy is a default policy.",
"readonly": true,
"required": false,
"title": "Default policy flag",
"type": "boolean"
},
"lock_modified_by": {
"description": "ID of the user who last modified the lock for the secruity policy.",
"readonly": true,
"required": false,
"title": "User who locked the security policy",
"type": "string"
},
"lock_modified_time": {
"$ref": "EpochMsTimestamp,
"description": "SecurityPolicy locked/unlocked time in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "SecuirtyPolicy locked/unlocked time"
},
"locked": {
"default": false,
"description": "Indicates whether a security policy should be locked. If the security policy is locked by a user, then no other user would be able to modify this security policy. Once the user releases the lock, other users can update this security policy.",
"required": false,
"title": "Lock a security policy",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_count": {
"description": "The count of rules in the policy.",
"readonly": true,
"title": "Rule count",
"type": "int"
},
"rules": {
"items": {
"$ref": "IdsRule
},
"required": false,
"title": "IDS Rules that are a part of this SecurityPolicy",
"type": "array"
},
"scheduler_path": {
"description": "Provides a mechanism to apply the rules in this policy for a specified time duration.",
"readonly": false,
"required": false,
"title": "Path to the scheduler for time based scheduling",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SECURITY_POLICY_SCHEDULER_RELATIONSHIP",
"rightType": [
"PolicyFirewallScheduler"
]
}
]
},
"scope": {
"description": "The list of group paths where the rules in this policy will get applied. This scope will take precedence over rule level scope. Supported only for security and redirection policies. In case of RedirectionPolicy, it is expected only when the policy is NS and redirecting to service chain.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"PolicyLabel"
]
},
{
"leftType": [
"RedirectionPolicy"
],
"relationshipType": "REDIRECTION_COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"Tier1",
"Tier0"
]
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between security policies across domains. In order to change the sequence number of a policy one can fire a POST request on the policy entity with a query parameter action=revise The sequence number field will reflect the value of the computed sequence number upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several security policies, the only way to set the sequence number is to explicitly specify the sequence number for each security policy. If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple policies with the same sequence number then their order is not deterministic. If a specific order of policies is desired, then one has to specify unique sequence numbers or use the POST request on the policy entity with a query parameter action=revise to let the framework assign a sequence number. The value of sequence number must be between 0 and 999,999.",
"minimum": 0,
"title": "Sequence number to resolve conflicts across Domains",
"type": "int"
},
"stateful": {
"description": "Stateful or Stateless nature of security policy is enforced on all rules in this security policy. When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Layer3 security policies can be stateful or stateless. By default, they are stateful. Layer2 security policies can only be stateless.",
"readonly": false,
"required": false,
"title": "Stateful nature of the entries within this security policy.",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_strict": {
"description": "Ensures that a 3 way TCP handshake is done before the data packets are sent. tcp_strict=true is supported only for stateful security policies. If the tcp_strict flag is not specified and the security policy is stateful, then tcp_strict will be set to true.",
"readonly": false,
"required": false,
"title": "Enforce strict tcp handshake before allowing data packets",
"type": "boolean"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Contains ordered list of IDS Rules",
"type": "object"
}
IdsSettings (type)
{
"additionalProperties": false,
"description": "Represents the Intrusion Detection System settings.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IdsSettings",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"auto_update": {
"default": false,
"description": "Parameter to let the user decide whether to update the IDS Signatures automatically or not.",
"required": false,
"title": "Auto update signatures flag",
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ids_events_to_syslog": {
"default": false,
"description": "Flag to send IDS events to syslog server.",
"required": false,
"title": "Flag to send IDS events to syslog server.",
"type": "boolean"
},
"ids_ever_enabled": {
"description": "Flag which tells whether IDS was ever enabled.",
"readonly": true,
"required": false,
"title": "Flag which tells whether IDS was ever enabled.",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Intrusion Detection System settings\n",
"type": "object"
}
IdsSignature (type)
{
"additionalProperties": false,
"description": "Intrusion Detection System Signature .",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IdsSignature",
"module_id": "PolicyIDSMetrics",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"description": "Signature action.",
"required": false,
"title": "Represents the signature's action",
"type": "string"
},
"attack_target": {
"description": "Target of the signature.",
"required": false,
"title": "Signature attack target",
"type": "string"
},
"categories": {
"description": "Represents the internal categories a signature belongs to.",
"items": {
"$ref": "IdsSignatureInternalCategory
},
"required": false,
"title": "IDS Signature Internal category",
"type": "array"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"class_type": {
"description": "Class type of Signature.",
"required": false,
"title": "Signature class type",
"type": "string"
},
"confidence": {
"description": "Signature's confidence score.",
"title": "Confidence",
"type": "string"
},
"cves": {
"description": "CVE score",
"items": {
"type": "string"
},
"required": false,
"title": "Represents the cve score.",
"type": "array"
},
"cvss": {
"description": "Represents the cvss value of a Signature. The value is derived from cvssv3 or cvssv2 score. NONE means cvssv3/cvssv2 score as 0.0 LOW means cvssv3/cvssv2 score as 0.1-3.9 MEDIUM means cvssv3/cvssv2 score as 4.0-6.9 HIGH means cvssv3/cvssv2 score as 7.0-8.9 CRITICAL means cvssv3/cvssv2 score as 9.0-10.0",
"enum": [
"NONE",
"LOW",
"MEDIUM",
"HIGH",
"CRITICAL"
],
"required": false,
"title": "CVSS of signature",
"type": "string"
},
"cvss_score": {
"description": "Represents the cvss value of a Signature. The value is derived from cvssv3 or cvssv2 score. If cvssv3 exists, then this is the cvssv3 score, else it is the cvssv2 score.",
"required": false,
"title": "Signature CVSS score",
"type": "string"
},
"cvssv2": {
"description": "Signature cvssv2 score.",
"required": false,
"title": "Signature cvssv2 score",
"type": "string"
},
"cvssv3": {
"description": "Signature cvssv3 score.",
"required": false,
"title": "Signature cvssv3 score",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"direction": {
"description": "Source-destination direction.",
"title": "Direction",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable": {
"description": "Flag which tells whether the signature is enabled or not.",
"required": false,
"title": "Enable/Disable flag",
"type": "boolean"
},
"flow": {
"description": "Flow established from server, from client etc.",
"required": false,
"title": "Flow established.",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"impact": {
"description": "Impact of Signature.",
"title": "Impact",
"type": "string"
},
"malware_family": {
"description": "Family of the malware tracked in the signature.",
"title": "Malware Family",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"mitre_attack": {
"description": "Mitre Attack details of Signature.",
"items": {
"$ref": "MitreAttack
},
"title": "MitreAttack",
"type": "array"
},
"name": {
"description": "Signature name.",
"required": false,
"title": "Represents the signature name",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"performance_impact": {
"description": "Performance impact of the signature.",
"title": "Performance impact",
"type": "string"
},
"policy": {
"description": "Signature policy.",
"items": {
"type": "string"
},
"title": "Policy",
"type": "array"
},
"product_affected": {
"description": "Product affected by this signature.",
"required": false,
"title": "Signature product affected",
"type": "string"
},
"protocol": {
"description": "Protocol used in the packet analysis.",
"title": "Protocol",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"risk_score": {
"description": "Risk score of signature.",
"title": "Risk Score",
"type": "string"
},
"severity": {
"description": "Represents the severity of the Signature.",
"required": false,
"title": "Signature severity",
"type": "string"
},
"signature_id": {
"description": "Represents the Signature's id.",
"required": false,
"title": "Signature ID",
"type": "string"
},
"signature_revision": {
"description": "Represents revision of the Signature.",
"required": false,
"title": "Signature revision",
"type": "string"
},
"signature_severity": {
"description": "Signature vendor set severity of the signature rule.",
"title": "Signature severity",
"type": "string"
},
"tag": {
"description": "Vendor assigned classification tag.",
"items": {
"type": "string"
},
"title": "Signature tag",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"type": {
"description": "Signature type.",
"items": {
"type": "string"
},
"title": "Type",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"urls": {
"description": "List of mitre attack URLs pertaining to signature",
"items": {
"type": "string"
},
"required": false,
"title": "List of mitre attack URLs pertaining to signature.",
"type": "array"
}
},
"title": "Intrusion Detection System Signature",
"type": "object"
}
IdsSignatureInternalCategory (type)
{
"additionalProperties": false,
"description": "Represents the internal categories. APPLICATION : IDS signature having protocol comes under APPLICATION internal category. MALWARE: IDS signature having malware_family comes under this internal category. VULNERABILITY : IDS signature having cvssv3 score comes under this internal category.",
"enum": [
"APPLICATION",
"MALWARE",
"VULNERABILITY"
],
"id": "IdsSignatureInternalCategory",
"module_id": "PolicyIDSMetrics",
"title": "IDS signature internal categories",
"type": "string"
}
IdsSignatureStatus (type)
{
"additionalProperties": false,
"description": "Ids signature status.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IdsSignatureStatus",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"download_status": {
"description": "READY means signatures were downloaded and parsed successfully. PENDING means that signatures download is in progress. ERROR means error occurred during signature processing. DISABLED means IDS is disabled.",
"enum": [
"READY",
"PENDING",
"ERROR",
"DISABLED"
],
"readonly": true,
"title": "IDS signature download status",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"signature_status": {
"description": "AVAILABLE means the signatures are available for the version. UNAVAILABLE means there are no available signatures for the version.",
"enum": [
"AVAILABLE",
"UNAVAILABLE"
],
"readonly": true,
"title": "IDS signature status",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"version_id": {
"description": "Represents the version id.",
"readonly": true,
"title": "Version Id",
"type": "string"
}
},
"title": "Intrusion Detection System signature status",
"type": "object"
}
IdsStandaloneHostConfig (type)
{
"additionalProperties": false,
"description": "IDS configuration to enable/disable IDS on standalone host level.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IdsStandaloneHostConfig",
"module_id": "PolicyIDS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ids_enabled": {
"description": "If set to true, IDS is enabled on standalone hosts.",
"readonly": false,
"required": true,
"title": "IDS enabled flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Intrusion Detection System configuration",
"type": "object"
}
IkeDigestAlgorithm (type)
{
"additionalProperties": false,
"description": "The IkeDigestAlgorithms are used to verify message integrity during Ike negotiation. SHA1 produces 160 bits hash and SHA2_XXX produces XXX bit hash.",
"enum": [
"SHA1",
"SHA2_256",
"SHA2_384",
"SHA2_512"
],
"id": "IkeDigestAlgorithm",
"module_id": "PolicyVpnIPSecVpn",
"title": "Digest Algorithms used in IKE negotiations",
"type": "string"
}
IkeEncryptionAlgorithm (type)
{
"additionalProperties": false,
"description": "IKEEncryption algorithms are used to ensure confidentiality of the messages exchanged during IKE negotiations. AES stands for Advanced Encryption Standards. AES_128 uses 128-bit keys whereas AES_256 uses 256-bit keys for encryption and decryption. AES_128 and AES_256 use CBC mode of encryption. AES_GCM stands for Advanced Encryption Standard(AES) in Galois/Counter Mode(GCM) and is used to provide both confidentiality and data origin authentication. AES_GCM composed of two separate functions one for encryption(AES) and one for authentication(GMAC). AES_GCM algorithms will be available with IKE_V2 version only. AES_GCM_128 uses 128-bit keys. AES_GCM_192 uses 192-bit keys. AES_GCM_256 uses 256-bit keys.",
"enum": [
"AES_128",
"AES_256",
"AES_GCM_128",
"AES_GCM_192",
"AES_GCM_256"
],
"id": "IkeEncryptionAlgorithm",
"module_id": "PolicyVpnIPSecVpn",
"title": "Encryption algorithms used in IKE",
"type": "string"
}
ImportRequestParameter (type)
{
"additionalProperties": false,
"description": "This holds the request parameters required to invoke the import task.",
"extends": {
"$ref": "NoRestRequestParameters
},
"id": "ImportRequestParameter",
"module_id": "PolicyTask",
"properties": {
"draft_description": {
"description": "Description to be set on the draft, which will hold the imported configuration.",
"required": false,
"title": "Description to be set on the draft",
"type": "string"
},
"draft_display_name": {
"description": "Display name to be set on the draft, which will hold the imported configuration.",
"minLength": 1,
"required": true,
"title": "Display name to be set on the draft",
"type": "string"
},
"file": {
"description": "The file having stored firewall configuration. Only zip file will be accepted.",
"required": true,
"title": "File to be imported",
"type": "multipart_file"
},
"passphrase": {
"description": "Passphrase to verify imported files. Passphrase needs to be same as provided earlier to export operation which generated these imported files. The passphrase specified must be at least 8 characters in length and must contain at least one lowercase, one uppercase, one numeric character and one non-space special character.",
"minLength": 8,
"pattern": "^$|^(?=.*[a-z])(?=.*[A-Z])(?=.*\\d)(?=.*[^a-zA-Z\\d\\s]).{8,}$",
"required": true,
"sensitive": true,
"title": "Passphrase to verify imported files",
"type": "string",
"validation_msg_key": "com.vmware.nsx.validation.constraints.BackupRestore.weak_passprase.message"
}
},
"title": "Import task request parameters",
"type": "object"
}
ImportTask (type)
{
"additionalProperties": false,
"description": "This object holds the information of the import task.",
"extends": {
"$ref": "PolicyTask
},
"id": "ImportTask",
"module_id": "PolicyTask",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"async_response_available": {
"display": {
"order": 13
},
"readonly": true,
"title": "True if response for asynchronous request is available",
"type": "boolean"
},
"cancelable": {
"display": {
"order": 8
},
"readonly": true,
"title": "True if this task can be canceled",
"type": "boolean"
},
"description": {
"display": {
"order": 2
},
"readonly": true,
"title": "Description of the task",
"type": "string"
},
"draft_path": {
"description": "Policy path of a draft in which the imported configuration gets stored after completion of import task.",
"readonly": true,
"title": "Policy path of a draft",
"type": "string"
},
"end_time": {
"$ref": "EpochMsTimestamp,
"display": {
"order": 6
},
"readonly": true,
"title": "The end time of the task in epoch milliseconds"
},
"failure_msg": {
"description": "This property holds the reason of the task failure, if any.",
"readonly": true,
"title": "Reason of the task failure",
"type": "string"
},
"id": {
"display": {
"order": 1
},
"readonly": true,
"title": "Identifier for this task",
"type": "string"
},
"message": {
"display": {
"order": 4
},
"readonly": true,
"title": "A message describing the disposition of the task",
"type": "string"
},
"progress": {
"display": {
"order": 7
},
"maximum": 100,
"minimum": 0,
"readonly": true,
"title": "Task progress if known, from 0 to 100",
"type": "integer"
},
"request_method": {
"display": {
"order": 12
},
"readonly": true,
"title": "HTTP request method",
"type": "string"
},
"request_uri": {
"display": {
"order": 11
},
"readonly": true,
"title": "URI of the method invocation that spawned this task",
"type": "string"
},
"start_time": {
"$ref": "EpochMsTimestamp,
"display": {
"order": 5
},
"readonly": true,
"title": "The start time of the task in epoch milliseconds"
},
"status": {
"$ref": "TaskStatus,
"display": {
"order": 3
},
"readonly": true,
"title": "Current status of the task"
},
"user": {
"display": {
"order": 10
},
"readonly": true,
"title": "Name of the user who created this task",
"type": "string"
}
},
"title": "Import task information",
"type": "object"
}
IncludedFieldsParameters (type)
{
"additionalProperties": false,
"id": "IncludedFieldsParameters",
"module_id": "Common",
"properties": {
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
}
},
"title": "A list of fields to include in query results",
"type": "object"
}
Infra (type)
{
"additionalProperties": false,
"description": "Infra space related policy.",
"extends": {
"$ref": "AbstractSpace
},
"id": "Infra",
"module_id": "Policy",
"policy_hierarchical_children": [
"ChildALBAnalyticsProfile",
"ChildALBApplicationPersistenceProfile",
"ChildALBApplicationProfile",
"ChildALBAuthProfile",
"ChildALBAutoScaleLaunchConfig",
"ChildALBDnsPolicy",
"ChildALBErrorPageBody",
"ChildALBErrorPageProfile",
"ChildALBHTTPPolicySet",
"ChildALBHardwareSecurityModuleGroup",
"ChildALBHealthMonitor",
"ChildALBIpAddrGroup",
"ChildALBL4PolicySet",
"ChildALBNetworkProfile",
"ChildALBNetworkSecurityPolicy",
"ChildALBPKIProfile",
"ChildALBPool",
"ChildALBPoolGroup",
"ChildALBPoolGroupDeploymentPolicy",
"ChildALBPriorityLabels",
"ChildALBProtocolParser",
"ChildALBSSLKeyAndCertificate",
"ChildALBSSLProfile",
"ChildALBSSOPolicy",
"ChildALBSecurityPolicy",
"ChildALBServerAutoScalePolicy",
"ChildALBStringGroup",
"ChildALBTrafficCloneProfile",
"ChildALBVSDataScriptSet",
"ChildALBVirtualService",
"ChildALBVsVip",
"ChildALBWafCRS",
"ChildALBWafPolicy",
"ChildALBWafPolicyPSMGroup",
"ChildALBWafProfile",
"ChildALBWebhook",
"ChildBfdProfile",
"ChildCaBundle",
"ChildConstraint",
"ChildDhcpRelayConfig",
"ChildDhcpServerConfig",
"ChildDnsSecurityProfile",
"ChildDomain",
"ChildEnforcementPoint",
"ChildEvpnTenantConfig",
"ChildFloodProtectionProfile",
"ChildFullSyncState",
"ChildGatewayQosProfile",
"ChildGlobalManager",
"ChildGlobalManagerConfig",
"ChildIPDiscoveryProfile",
"ChildIPFIXDFWCollectorProfile",
"ChildIPFIXDFWProfile",
"ChildIPFIXL2CollectorProfile",
"ChildIPFIXL2Profile",
"ChildIpv6DadProfile",
"ChildIpv6NdraProfile",
"ChildMacDiscoveryProfile",
"ChildPolicyContextProfile",
"ChildPolicyDnsForwarderZone",
"ChildPolicyDraft",
"ChildPolicyFirewallSessionTimerProfile",
"ChildPolicyLabel",
"ChildPolicyLatencyStatProfile",
"ChildPolicyTransportZoneProfile",
"ChildPortMirroringProfile",
"ChildQoSProfile",
"ChildSegment",
"ChildSegmentSecurityProfile",
"ChildService",
"ChildSite",
"ChildSpan",
"ChildSpoofGuardProfile",
"ChildTier0",
"ChildTier1",
"ChildTlsCertificate",
"ChildTlsCrl",
"ChildTlsCsr",
"ChildTraceflowConfig",
"ChildVMTagReplicationPolicy"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"connectivity_strategy": {
"deprecated": true,
"description": "The connectivity strategy is deprecated. Use default layer3 rule, /infra/domains/default/security-policies/default-layer3-security-policy/rules/default-layer3-rule. This field indicates the default connectivity policy for the infra or tenant space WHITELIST - Adds a default drop rule. Administrator can then use \"allow\" rules (aka whitelist) to allow traffic between groups BLACKLIST - Adds a default allow rule. Admin can then use \"drop\" rules (aka blacklist) to block traffic between groups WHITELIST_ENABLE_LOGGING - Whitelising with logging enabled BLACKLIST_ENABLE_LOGGING - Blacklisting with logging enabled NONE - No default rules are added.",
"enum": [
"WHITELIST",
"BLACKLIST",
"WHITELIST_ENABLE_LOGGING",
"BLACKLIST_ENABLE_LOGGING",
"NONE"
],
"required": false,
"title": "Connectivity strategy used by this tenant",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"domains": {
"description": "This field is used while creating or updating the infra space.",
"items": {
"$ref": "Domain
},
"required": false,
"title": "Domains for infra",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Infra",
"type": "object"
}
InfraSecurityConfig (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "InfraSecurityConfig",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"ca_signed_only": {
"description": "When this flag is set to true (for NDcPP compliance) only ca-signed certificates will be allowed to be applied as server certificates.",
"readonly": false,
"title": "A flag to indicate whether the server certs are only allowed to be ca-signed.",
"type": "boolean"
},
"crl_checking_enabled": {
"description": "When this flag is set to true, during certificate checking the CRL is fetched and checked whether the certificate is revoked or not. Setting this property to false results in lower security. It is not advisible to import certificate without CRL info while CRL checking is disabled, and then re-enable CRL checking.",
"readonly": false,
"title": "A flag to indicate whether the Java trust-managers check certificate revocation",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"eku_checking_enabled": {
"description": "When this flag is set to true, during certificate checking the Extended Key Usage extension is expected to be present, indicating whether the certificate is to be used a client certificate or server certificate. Setting this value to false is not recommended as it leads to lower security and operational risk.",
"readonly": false,
"title": "A flag to indicate whether the Extended Key Usage extension in the certificate is checked.",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "NSX global configs for security purposes, like trust store and trust manager.",
"type": "object"
}
IngressBroadcastRateLimiter (type)
{
"extends": {
"$ref": "QoSBaseRateLimiter
},
"id": "IngressBroadcastRateLimiter",
"module_id": "PolicyQoS",
"polymorphic-type-descriptor": {
"type-identifier": "IngressBroadcastRateLimiter"
},
"properties": {
"average_bandwidth": {
"default": 0,
"descrption": "Set custom average_bandwidth for the outbound network traffic\nfrom the VM to the logical network based on broadcast.\n",
"minimum": 0,
"title": "Average bandwidth in kb/s",
"type": "int"
},
"burst_size": {
"default": 0,
"descrition": "Set custom burst_size for the outbound network traffic\nfrom the VM to the logical network based on broadcast.\n",
"minimum": 0,
"title": "Burst size in bytes",
"type": "int"
},
"enabled": {
"required": true,
"type": "boolean"
},
"peak_bandwidth": {
"default": 0,
"desription": "Set custom peak_bandwidth for the outbound network traffic\nfrom the VM to the logical network based on broadcast.\n",
"minimum": 0,
"title": "Peak bandwidth in kb/s",
"type": "int"
},
"resource_type": {
"default": "IngressRateLimiter",
"description": "Type rate limiter",
"enum": [
"IngressRateLimiter",
"IngressBroadcastRateLimiter",
"EgressRateLimiter"
],
"required": true,
"type": "string"
}
},
"title": "A shaper that specifies ingress rate properties in kb/s",
"type": "object"
}
IngressRateLimiter (type)
{
"extends": {
"$ref": "QoSBaseRateLimiter
},
"id": "IngressRateLimiter",
"module_id": "PolicyQoS",
"polymorphic-type-descriptor": {
"type-identifier": "IngressRateLimiter"
},
"properties": {
"average_bandwidth": {
"default": 0,
"description": "You can use the average bandwidth to reduce network congestion.",
"minimum": 0,
"title": "Average bandwidth in Mb/s",
"type": "int"
},
"burst_size": {
"default": 0,
"description": "The burst duration is set in the burst size setting.",
"minimum": 0,
"title": "Burst size in bytes",
"type": "int"
},
"enabled": {
"required": true,
"type": "boolean"
},
"peak_bandwidth": {
"default": 0,
"description": "The peak bandwidth rate is used to support burst traffic.",
"minimum": 0,
"title": "Peak bandwidth in Mb/s",
"type": "int"
},
"resource_type": {
"default": "IngressRateLimiter",
"description": "Type rate limiter",
"enum": [
"IngressRateLimiter",
"IngressBroadcastRateLimiter",
"EgressRateLimiter"
],
"required": true,
"type": "string"
}
},
"title": "A shaper that specifies ingress rate properties in Mb/s",
"type": "object"
}
InitiateClusterRestoreRequest (type)
{
"id": "InitiateClusterRestoreRequest",
"module_id": "ClusterRestore",
"properties": {
"ip_address": {
"format": "hostname-or-ip",
"readonly": true,
"required": false,
"title": "IP address or FQDN of the node from which the backup was taken",
"type": "string"
},
"node_id": {
"readonly": true,
"required": true,
"title": "Unique id of the backed-up configuration from which\nthe appliance will be restored\n",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"required": true,
"title": "Timestamp of the backed-up configuration from which\nthe appliance will be restored\n"
}
},
"type": "object"
}
Injection (type)
{
"additionalProperties": false,
"description": "Injection holding a key and a corresponding value.",
"id": "Injection",
"module_id": "PolicyReaction",
"properties": {
"key": {
"description": "Injection key.",
"required": true,
"title": "Key",
"type": "string"
},
"value": {
"$ref": "InjectionValue,
"description": "Injection value.",
"required": true,
"title": "Value"
}
},
"title": "Injection",
"type": "object"
}
InjectionValue (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Injection Value.",
"id": "InjectionValue",
"module_id": "PolicyReaction",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"description": "Injection Value resource type.",
"enum": [
"UnaryOperationBasedInjectionValue"
],
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "Injection Value",
"type": "object"
}
InstallUpgradeServiceProperties (type)
{
"additionalProperties": false,
"id": "InstallUpgradeServiceProperties",
"properties": {
"enabled": {
"required": true,
"title": "True if service enabled; otherwise, false",
"type": "boolean"
},
"enabled_on": {
"readonly": true,
"title": "IP of manager on which install-upgrade is enabled",
"type": "string"
}
},
"title": "install-upgrade service properties",
"type": "object"
}
InstructionInfo (type)
{
"id": "InstructionInfo",
"module_id": "ClusterRestore",
"properties": {
"actions": {
"description": "A list of actions that are to be applied to resources",
"help_detail": "This attribute lists actions that are to be applied to the resources\nreferenced in the \"resources\" attribute. There is an m x n relationship\nbetween these actions and resources.\n",
"items": {
"type": "string"
},
"readonly": true,
"required": true,
"title": "Actions list",
"type": "array"
},
"fields": {
"description": "A list of fields that are displayable to users in a table",
"items": {
"type": "string"
},
"readonly": true,
"required": true,
"title": "Displayable fields",
"type": "array"
},
"id": {
"readonly": true,
"required": true,
"title": "UUID of the instruction",
"type": "string"
},
"name": {
"readonly": true,
"required": true,
"title": "Instruction name",
"type": "string"
}
},
"title": "Details of the instructions displayed during restore process",
"type": "object"
}
IntegerArrayConstraintValue (type)
{
"additionalProperties": false,
"description": "List of values",
"extends": {
"$ref": "ConstraintValue
},
"id": "IntegerArrayConstraintValue",
"module_id": "PolicyConstraints",
"polymorphic-type-descriptor": {
"type-identifier": "IntegerArrayConstraintValue"
},
"properties": {
"resource_type": {
"enum": [
"StringArrayConstraintValue",
"CidrArrayConstraintValue",
"IntegerArrayConstraintValue"
],
"required": true,
"type": "string"
},
"values": {
"description": "Array of integer values",
"items": {
"type": "int"
},
"maxItems": 100,
"minItems": 1,
"required": true,
"title": "Array of Integer",
"type": "array"
}
},
"title": "Array of Integer Values to perform operation",
"type": "object"
}
IntentEnforcementPointListRequestParams (type)
{
"additionalProperties": false,
"description": "List request parameters containing intent path and enforcement point path",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "IntentEnforcementPointListRequestParams",
"module_id": "PolicyGroupRealization",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point from which the list of groups needs to be fetched. Forward slashes must be escaped using %2F. If no enforcement point path is specified, the default enforcement point is considered",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"intent_path": {
"required": true,
"title": "String path of the intent object",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List request parameters containing intent path and enforcement point path",
"type": "object"
}
IntentPathRequestParameter (type)
{
"description": "Intent path for which state/realized entities would be fetched.",
"id": "IntentPathRequestParameter",
"module_id": "PolicyRealizedState",
"properties": {
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F",
"required": true,
"title": "String Path of the intent object",
"type": "string"
},
"site_path": {
"description": "Policy Path referencing a site. This is applicable only on a GlobalManager. If no site_path is specified, then based on the span of the intent the response will be fetched from the respective sites",
"required": false,
"title": "Policy Path of the site",
"type": "string"
}
},
"title": "Parameter to filter realized entities by intent path",
"type": "object"
}
IntentRuntimeRequestParameters (type)
{
"description": "Request parameters that represents a an intent path.",
"id": "IntentRuntimeRequestParameters",
"module_id": "PolicyBaseStatistics",
"properties": {
"intent_path": {
"description": "Policy Path referencing an intent object.",
"required": true,
"title": "Policy Path of the intent object",
"type": "string"
},
"site_path": {
"description": "Policy Path referencing a site. This is applicable only on a GlobalManager. If no site_path is specified, then based on the span of the intent the response will be fetched from the respective sites",
"required": false,
"title": "Policy Path of the site from where the realization status needs to be fetched",
"type": "string"
}
},
"title": "Request Parameters for Intent Runtime Information",
"type": "object"
}
IntentStatusRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameters that represents a binding between an intent path and whether the enforcement point specific status shall be retrieved from the enforcement point or not. A request can be parameterized with this pair and will be evaluated as follows: - <intent_path>: the request is evaluated on all enforcement points for the given intent with no enforced statuses' details returned. - <intent_path, include_enforced_status=true>: the request is evaluated on all enforcement points for the given intent with enforced statuses' details returned.",
"extends": {
"$ref": "IntentRuntimeRequestParameters
},
"id": "IntentStatusRequestParameters",
"module_id": "PolicyRealizationStatus",
"properties": {
"include_enforced_status": {
"default": false,
"description": "Flag conveying whether to include detailed view of the enforcement point specific status or not.",
"title": "Include Enforced Status Flag",
"type": "boolean"
},
"intent_path": {
"description": "Policy Path referencing an intent object.",
"required": true,
"title": "Policy Path of the intent object",
"type": "string"
},
"site_path": {
"description": "Policy Path referencing a site. This is applicable only on a GlobalManager. If no site_path is specified, then based on the span of the intent the response will be fetched from the respective sites",
"required": false,
"title": "Policy Path of the site from where the realization status needs to be fetched",
"type": "string"
}
},
"title": "Request Parameters for Intent Status Information",
"type": "object"
}
InterSitePortCounters (type)
{
"extends": {
"$ref": "LogicalRouterPortCounters
},
"id": "InterSitePortCounters",
"module_id": "AggSvcInterSite",
"properties": {
"blocked_packets": {
"description": "The total number of packets blocked.",
"required": false,
"title": "The number of blocked packets",
"type": "integer"
},
"dad_dropped_packets": {
"description": "Number of duplicate address detected packets dropped.",
"required": false,
"title": "The number of duplicate address detected packets dropped",
"type": "integer"
},
"destination_unsupported_dropped_packets": {
"description": "Number of packtes dropped as destination is not supported.",
"required": false,
"title": "The number of destination unsupported packets dropped",
"type": "integer"
},
"dropped_packets": {
"description": "The total number of packets dropped.",
"required": false,
"title": "The number of dropped packets",
"type": "integer"
},
"firewall_dropped_packets": {
"description": "Number of firewall packets dropped.",
"required": false,
"title": "The number of firewall packets dropped",
"type": "integer"
},
"frag_needed_dropped_packets": {
"description": "Number of fragmentation needed packets dropped.",
"required": false,
"title": "The number of fragmentation needed packets dropped",
"type": "integer"
},
"ipsec_dropped_packets": {
"description": "Number of IPSec packets dropped",
"required": false,
"title": "The number of IPSec packets dropped",
"type": "integer"
},
"ipsec_no_sa_dropped_packets": {
"description": "Number of IPSec no security association packets dropped.",
"required": false,
"title": "The number of IPSec no security association packets dropped",
"type": "integer"
},
"ipsec_no_vti_dropped_packets": {
"description": "Number of IPSec packets dropped as no VTI is present.",
"required": false,
"title": "The number of IPSec no VTI packets dropped",
"type": "integer"
},
"ipsec_pol_block_dropped_packets": {
"description": "Number of IPSec policy block packets dropped.",
"required": false,
"title": "The number of IPSec policy block packets dropped",
"type": "integer"
},
"ipsec_pol_err_dropped_packets": {
"description": "Number of IPSec policy error packets dropped.",
"required": false,
"title": "The number of IPSec policy error packets dropped",
"type": "integer"
},
"ipv6_dropped_packets": {
"description": "Number of IPV6 packets dropped.",
"required": false,
"title": "The number of IPV6 packets dropped",
"type": "integer"
},
"kni_dropped_packets": {
"description": "Number of DPDK kernal NIC interface packets dropped.",
"required": false,
"title": "The number of kernal NIC interface packets dropped",
"type": "integer"
},
"l4port_unsupported_dropped_packets": {
"description": "Number of packets dropped due to unsupported L4 port.",
"required": false,
"title": "The number of L4 port unsupported packets dropped",
"type": "integer"
},
"malformed_dropped_packets": {
"description": "Number of packtes dropped as they are malformed.",
"required": false,
"title": "The number of malformed packets dropped",
"type": "integer"
},
"no_arp_dropped_packets": {
"description": "Number of no ARP packets dropped.",
"required": false,
"title": "The number of no ARP packets dropped",
"type": "integer"
},
"no_linked_dropped_packets": {
"description": "Number of packets dropped as no linked ports are present.",
"required": false,
"title": "The number of no linked packets dropped",
"type": "integer"
},
"no_mem_dropped_packets": {
"description": "Number of packets dropped due to insufficient memory.",
"required": false,
"title": "The number of no memory packets dropped",
"type": "integer"
},
"no_receiver_dropped_packets": {
"description": "Number of packets dropped due to absence of receiver.",
"required": false,
"title": "The number of no receiver packets dropped",
"type": "integer"
},
"no_route_dropped_packets": {
"desrciption": "Number of packets dropped due to absence of routes.",
"required": false,
"title": "The number of no route packets dropped",
"type": "integer"
},
"non_ip_dropped_packets": {
"description": "Number of non IP packets dropped.",
"required": false,
"title": "The number of non IP packets dropped",
"type": "integer"
},
"proto_unsupported_dropped_packets": {
"description": "Number of packets dropped as protocol is unsupported.",
"required": false,
"title": "The number of protocol unsupported packets dropped",
"type": "integer"
},
"redirect_dropped_packets": {
"description": "Number of redirect packets dropped.",
"required": false,
"title": "The number of redirect packets dropped",
"type": "integer"
},
"rpf_check_dropped_packets": {
"description": "Number of reverse-path forwarding check packets dropped.",
"required": false,
"title": "The number of reverse-path forwarding check packets dropped",
"type": "integer"
},
"service_insert_dropped_packets": {
"description": "Number of service insert packets dropped.",
"required": false,
"title": "The number of service insert packets dropped",
"type": "integer"
},
"total_bytes": {
"description": "The total number of bytes transferred.",
"required": false,
"title": "The total number of bytes",
"type": "integer"
},
"total_packets": {
"description": "The total number of packets transferred.",
"required": false,
"title": "The total number of packets",
"type": "integer"
},
"ttl_exceeded_dropped_packets": {
"description": "Number of time to live exceeded packets dropped.",
"required": false,
"title": "The number of time to live exceeded packets dropped",
"type": "integer"
}
},
"type": "object"
}
InterfaceArpCsvRecord (type)
{
"extends": {
"$ref": "CsvRecord
},
"id": "InterfaceArpCsvRecord",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"ip": {
"$ref": "IPAddress,
"required": true,
"title": "The IP address"
},
"mac_address": {
"required": true,
"title": "The MAC address",
"type": "string"
}
},
"type": "object"
}
InterfaceArpEntry (type)
{
"id": "InterfaceArpEntry",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"ip": {
"$ref": "IPAddress,
"required": true,
"title": "The IP address"
},
"mac_address": {
"required": true,
"title": "The MAC address",
"type": "string"
}
},
"type": "object"
}
InterfaceArpProxy (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "InterfaceArpProxy",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"arp_proxy_entries": {
"items": {
"$ref": "PolicyArpProxyEntry
},
"readonly": true,
"title": "Array of ARP proxy table entries",
"type": "array"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"interface_path": {
"readonly": true,
"title": "Policy path of gateway interface",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
InterfaceArpProxyCsvEntry (type)
{
"additionalProperties": false,
"extends": {
"$ref": "CsvRecord
},
"id": "InterfaceArpProxyCsvEntry",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"arp_proxy_ip": {
"description": "ARP proxy information for a service with ip.",
"readonly": true,
"required": false,
"title": "ARP proxy service addresses",
"type": "string"
},
"interface_path": {
"readonly": true,
"required": false,
"title": "Policy path of gateway interface",
"type": "string"
},
"service_id": {
"description": "Identifier of connected service on port.",
"readonly": true,
"required": false,
"title": "Service type id",
"type": "string"
}
},
"type": "object"
}
InterfaceArpTable (type)
{
"extends": {
"$ref": "ListResult
},
"id": "InterfaceArpTable",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"edge_path": {
"description": "Policy path of edge node.",
"title": "Policy path of edge node",
"type": "string"
},
"enforcement_point_path": {
"description": "String Path of the enforcement point.",
"title": "Enforcement point path",
"type": "string"
},
"interface_path": {
"required": true,
"title": "The ID of the logical router port",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Timestamp when the data was last updated; unset if data source has never updated the data."
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "InterfaceArpEntry
},
"required": false,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
InterfaceArpTableInCsvFormat (type)
{
"extends": {
"$ref": "CsvListResult
},
"id": "InterfaceArpTableInCsvFormat",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Timestamp when the data was last updated; unset if data source has never updated the data."
},
"results": {
"items": {
"$ref": "InterfaceArpCsvRecord
},
"required": false,
"type": "array"
}
},
"type": "object"
}
InterfaceDADState (type)
{
"additionalProperties": false,
"description": "Duplicate address detection status on the interface.",
"id": "InterfaceDADState",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"dad_statuses": {
"description": "Array of DAD status which contains DAD information for IP addresses on the interface.",
"items": {
"$ref": "InterfaceIPv6DADStatus
},
"readonly": true,
"title": "IPv6 DAD status",
"type": "array"
},
"interface_path": {
"description": "Policy path or realization ID of interface for which IPv6 DAD status is returned.",
"readonly": true,
"title": "Policy path or realization ID of interface",
"type": "string"
}
},
"title": "Interface DAD status",
"type": "object"
}
InterfaceIPv6DADStatus (type)
{
"additionalProperties": false,
"description": "Duplicate address detection status for IP address on the interface.",
"id": "InterfaceIPv6DADStatus",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"edge_paths": {
"description": "Array of edge nodes on which DAD status is reported for given IP address.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Edge node paths",
"type": "array"
},
"ip_address": {
"$ref": "IPAddress,
"description": "IP address on the port for which DAD status is reported.",
"readonly": true,
"required": false,
"title": "IP address"
},
"status": {
"$ref": "DADStatus,
"description": "DAD status for IP address on the port.",
"readonly": true,
"required": false,
"title": "DAD Status"
}
},
"title": "IPv6 DAD status for Interface",
"type": "object"
}
InterfaceSubnet (type)
{
"additionalProperties": false,
"id": "InterfaceSubnet",
"module_id": "PolicyConnectivity",
"properties": {
"ip_addresses": {
"items": {
"$ref": "IPAddress
},
"required": true,
"title": "IP addresses assigned to interface",
"type": "array"
},
"prefix_len": {
"maximum": 128,
"minimum": 1,
"required": true,
"title": "Subnet prefix length",
"type": "int"
}
},
"title": "Subnet specification for interface connectivity",
"type": "object"
}
IntersiteGatewayConfig (type)
{
"additionalProperties": false,
"description": "Intersite gateway configuration.",
"id": "IntersiteGatewayConfig",
"module_id": "PolicyConnectivity",
"properties": {
"fallback_sites": {
"description": "Fallback site to be used as new primary site on current primary site failure. Disaster recovery must be initiated via API/UI. Fallback site configuration is supported only for T0 gateway. T1 gateway will follow T0 gateway's primary site during disaster recovery.",
"items": {
"type": "string"
},
"required": false,
"title": "Fallback sites",
"type": "array"
},
"intersite_transit_subnet": {
"default": "169.254.32.0/20",
"description": "IPv4 subnet for inter-site transit segment connecting service routers across sites for stretched gateway. For IPv6 link local subnet is auto configured.",
"format": "ip-cidr-block",
"required": false,
"title": "Transit subnet in CIDR format",
"type": "string"
},
"last_admin_active_epoch": {
"description": "Epoch(in seconds) is auto updated based on system current timestamp when primary locale service is updated. It is used for resolving conflict during site failover. If system clock not in sync then User can optionally override this. New value must be higher than the current value.",
"maximum": 4294967295,
"required": false,
"title": "Epoch of last time admin changing active LocaleServices",
"type": "integer"
},
"primary_site_path": {
"description": "Primary egress site for gateway. T0/T1 gateway in Active/Standby mode supports stateful services on primary site. In this mode primary site must be set if gateway is stretched to more than one site. For T0 gateway in Active/Active primary site is optional field. If set then secondary site prefers routes learned from primary over locally learned routes. This field is not applicable for T1 gateway with no services.",
"required": false,
"title": "Primary egress site for gateway.",
"type": "string"
}
},
"title": "Intersite gateway configuration",
"type": "object"
}
IntervalBackupSchedule (type)
{
"extends": {
"$ref": "BackupSchedule
},
"id": "IntervalBackupSchedule",
"module_id": "BackupConfiguration",
"polymorphic-type-descriptor": {
"type-identifier": "IntervalBackupSchedule"
},
"properties": {
"resource_type": {
"enum": [
"WeeklyBackupSchedule",
"IntervalBackupSchedule"
],
"required": true,
"title": "Schedule type",
"type": "string"
},
"seconds_between_backups": {
"default": 3600,
"maximum": 86400,
"minimum": 300,
"title": "Time interval in seconds between two consecutive automated backups",
"type": "integer"
}
},
"title": "Schedule to specify the interval time at which automated backups need to be taken",
"type": "object"
}
InvalidCertificateAction (type)
{
"additionalProperties": false,
"description": "If presented invalid certificates take this action.",
"enum": [
"BLOCK",
"ALLOW"
],
"help_summary": "Use of 'BLOCK' will terminate connection if the certificate is either\nexpired or untrusted.\nUse of 'ALLOW' will allow the connection to proceed.\n",
"id": "InvalidCertificateAction",
"module_id": "PolicyTlsActionProfile",
"readonly": true,
"required": false,
"title": "Action for invalid certificates",
"type": "string"
}
InvalidConfigSummary (type)
{
"additionalProperties": false,
"description": "Invalid Configuration details for a category.",
"id": "InvalidConfigSummary",
"module_id": "GmConfigOnboarding",
"properties": {
"category": {
"description": "Configuration category representing resources not supported for the federation site configuration onboarding.",
"readonly": true,
"required": true,
"title": "Configuration Category",
"type": "string"
},
"resource_count": {
"description": "Total resource count for category",
"readonly": true,
"required": true,
"title": "Resource Count",
"type": "integer"
},
"resource_summary_details": {
"description": "Represents list of resource summaries for a configuration category which are not supported for the federation site configuration onboarding.",
"items": {
"$ref": "ResourceSummaryDetail
},
"maxItems": 10,
"readonly": true,
"required": true,
"title": "Resource Summary List",
"type": "array"
}
},
"title": "Invalid Configuration Summary",
"type": "object"
}
IpAddressAllocation (type)
{
"additionalProperties": false,
"description": "Allocation parameters for the IP address (e.g. specific IP address) can be specified. Tags, display_name and description attributes are not supported in this release.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IpAddressAllocation",
"module_id": "PolicyIpam",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"allocation_ip": {
"$ref": "IPAddress,
"readonly": true,
"title": "Address that is allocated from pool"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Parameters for IP allocation",
"type": "object"
}
IpAddressBlock (type)
{
"additionalProperties": false,
"description": "A block of IP addresses defined by a start address and a mask/prefix (network CIDR). An IP block is typically large & allocated to a tenant for automated consumption. An IP block is always a contiguous address space, for example 192.0.0.1/8. An IP block can be further subdivided into subnets called IP block subnets. These IP block subnets can be added to IP pools and used for IP allocation.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IpAddressBlock",
"module_id": "PolicyIpam",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"cidr": {
"description": "Represents a network address and the prefix length which will be associated with a layer-2 broadcast domain. Support IPv4 and IPv6 CIDR.",
"format": "ip-cidr-block",
"required": true,
"title": "A contiguous IP address space represented by network address and prefix length",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IP address space represented by network address and prefix",
"type": "object"
}
IpAddressInfo (type)
{
"additionalProperties": false,
"id": "IpAddressInfo",
"module_id": "Inventory",
"properties": {
"ip_addresses": {
"items": {
"$ref": "IPAddress
},
"readonly": true,
"required": true,
"title": "IP Addresses of the the virtual network interface, as discovered in the source.",
"type": "array"
},
"source": {
"enum": [
"VM_TOOLS"
],
"readonly": true,
"required": true,
"title": "Source of the ipaddress information.",
"type": "string"
}
},
"title": "Ipaddress information of the fabric node.",
"type": "object"
}
IpAddressPool (type)
{
"additionalProperties": false,
"description": "IpAddressPool is a collection of subnets. The subnets can either be derived from an IpBlock or specified by the user. User can request for IP addresses to be allocated from a pool. When an IP is requested from a pool, the IP that is returned can come from any subnet that belongs to the pool.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IpAddressPool",
"module_id": "PolicyIpam",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"check_overlap_with_existing_pools": {
"default": false,
"description": "If an existing IpAddressPool is found that overlaps with the given IpAddressPool, then a validation error would be thrown while realization. It is false by default.",
"title": "Whether to perform overlap check with existing IpAddressPools while realization.",
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_release_delay": {
"description": "Delay in milliseconds, while releasing allocated IP address from IP pool (Default is 2 mins).",
"title": "IP address release delay in milliseconds",
"type": "integer"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pool_usage": {
"$ref": "PolicyPoolUsage,
"description": "Shows Pool statistics like total IPs, allocated IPs, requested IP allocations and available IPs of an IpAddressPool.",
"readonly": true,
"title": "IpAddressPool usage statistics"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "A collection of IP subnets",
"type": "object"
}
IpAddressPoolBlockSubnet (type)
{
"additionalProperties": false,
"description": "This type of subnet allows user to dynamically carve a subnet out of a preconfigured IpAddressBlock. The user must specify the size of the subnet and the IpAddressBlock from which the subnet is to be derived. If the required amount of IP adress space is available in the specified IpAddressBlock, the system automatically configures subnet range.",
"extends": {
"$ref": "IpAddressPoolSubnet
},
"id": "IpAddressPoolBlockSubnet",
"module_id": "PolicyIpam",
"polymorphic-type-descriptor": {
"type-identifier": "IpAddressPoolBlockSubnet"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"auto_assign_gateway": {
"default": true,
"description": "If this property is set to true, the first IP in the range will be reserved for gateway.",
"title": "Indicate whether default gateway is to be reserved from the range",
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_block_path": {
"required": true,
"title": "The path of the IpAddressBlock from which the subnet is to be created.",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"IpAddressPoolBlockSubnet"
],
"relationshipType": "IP_BLOCK_IP_POOL_SUBNET_RELATIONSHIP",
"rightType": [
"IpAddressBlock"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"$ref": "IpAddressPoolSubnetType,
"description": "Specifies whether the IpAddressPoolSubnet is to be carved out of a IpAddressBlock or will be specified by the user",
"required": true,
"title": "Represents the type of IpAddressPoolSubnet"
},
"size": {
"description": "The size parameter is required for subnet creation. It must be specified during creation but cannot be changed later.",
"required": true,
"title": "Represents the size or number of IP addresses in the subnet",
"type": "integer"
},
"start_ip": {
"$ref": "IPAddress,
"description": "For internal system use Only. Represents start ip address of the subnet from IP block. Subnet ip adddress will start from this ip address.",
"required": false,
"title": "Represents start ip address of the subnet"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IpAddressPoolSubnet dynamically carved out of a IpAddressBlock",
"type": "object"
}
IpAddressPoolStaticSubnet (type)
{
"additionalProperties": false,
"description": "This type of subnet is statically configured by the user. The user provides the range details and the gateway for the subnet.",
"extends": {
"$ref": "IpAddressPoolSubnet
},
"id": "IpAddressPoolStaticSubnet",
"module_id": "PolicyIpam",
"polymorphic-type-descriptor": {
"type-identifier": "IpAddressPoolStaticSubnet"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"allocation_ranges": {
"items": {
"$ref": "IpPoolRange
},
"required": true,
"title": "A collection of IPv4 or IPv6 IP Pool Ranges.",
"type": "array"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"cidr": {
"required": true,
"title": "Subnet representation is a network address and prefix length",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dns_nameservers": {
"items": {
"$ref": "IPAddress
},
"maxItems": 3,
"title": "The collection of upto 3 DNS servers for the subnet.",
"type": "array",
"uniqueItems": true
},
"dns_suffix": {
"format": "hostname",
"title": "The DNS suffix for the DNS server.",
"type": "string"
},
"gateway_ip": {
"$ref": "IPAddress,
"title": "The default gateway address on a layer-3 router."
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"$ref": "IpAddressPoolSubnetType,
"description": "Specifies whether the IpAddressPoolSubnet is to be carved out of a IpAddressBlock or will be specified by the user",
"required": true,
"title": "Represents the type of IpAddressPoolSubnet"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IpAddressPoolSubnet statically configured by a user",
"type": "object"
}
IpAddressPoolSubnet (type)
{
"abstract": true,
"additionalProperties": false,
"description": "IpAddressPoolSubnet can either be carved out of a PolicyBlock or statically specified by the user. In the first case where the subnet is carved out of a IpAddressBlock, the user must specify the ID of the block from which this subnet is to be derived. This block must be pre-created. The subnet range is auto populated by the system. In the second case, the user configures the subnet range directly. No IpAddressBlock is required.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "IpAddressPoolSubnet",
"module_id": "PolicyIpam",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"$ref": "IpAddressPoolSubnetType,
"description": "Specifies whether the IpAddressPoolSubnet is to be carved out of a IpAddressBlock or will be specified by the user",
"required": true,
"title": "Represents the type of IpAddressPoolSubnet"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Abstract class for IpSubnet in a IpAddressPool",
"type": "object"
}
IpAddressPoolSubnetType (type)
{
"additionalProperties": false,
"description": "IpAddressPoolSubnet can either be carved out of a PolicyBlock or statically specified. A subnet to be carved out of a IpAddressBlock is of type IpAddressPoolBlockSubnet A subnet statically specified by the user is of type IpAddressPoolStaticSubnet",
"enum": [
"IpAddressPoolBlockSubnet",
"IpAddressPoolStaticSubnet"
],
"id": "IpAddressPoolSubnetType",
"module_id": "PolicyIpam",
"title": "Type of IpAddressPoolSubnet",
"type": "string"
}
IpInfo (type)
{
"additionalProperties": false,
"description": "Only support IP address or subnet. Its type can be of IPv4 or IPv6. It will be converted to subnet when netmask is specified(e.g., 192.168.1.3/24 => 192.168.1.0/24, 2008:12:12:12::2/64 => 2008:12:12:12::/64).",
"id": "IpInfo",
"module_id": "LiveTrace",
"properties": {
"dst_ip": {
"$ref": "IPElement,
"required": false,
"title": "The destination IP address or subnet"
},
"src_ip": {
"$ref": "IPElement,
"required": false,
"title": "The source IP address or subnet"
}
},
"type": "object"
}
IpPoolRange (type)
{
"additionalProperties": false,
"description": "A set of IPv4 or IPv6 addresses defined by a start and end address.",
"extends": {
"$ref": "Resource
},
"id": "IpPoolRange",
"module_id": "Ipam",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"end": {
"$ref": "IPAddress,
"required": true,
"title": "The end IP Address of the IP Range."
},
"start": {
"$ref": "IPAddress,
"required": true,
"title": "The start IP Address of the IP Range."
}
},
"type": "object"
}
Ipv4Header (type)
{
"additionalProperties": false,
"id": "Ipv4Header",
"module_id": "Traceflow",
"properties": {
"dst_ip": {
"$ref": "IPv4Address,
"required": false,
"title": "The destination ip address."
},
"flags": {
"default": 0,
"maximum": 8,
"minimum": 0,
"required": false,
"title": "IP flags",
"type": "integer"
},
"protocol": {
"default": 1,
"maximum": 255,
"minimum": 0,
"required": false,
"title": "IP protocol - defaults to ICMP",
"type": "integer"
},
"src_ip": {
"$ref": "IPv4Address,
"required": false,
"title": "The source ip address."
},
"src_subnet_prefix_len": {
"description": "This is used together with src_ip to calculate dst_ip for broadcast when dst_ip is not given; not used in all other cases.",
"maximum": 32,
"minimum": 1,
"required": false,
"title": "source subnet prefix length.",
"type": "integer"
},
"ttl": {
"default": 64,
"maximum": 255,
"minimum": 0,
"required": false,
"title": "Time to live (ttl)",
"type": "integer"
}
},
"type": "object"
}
Ipv6DadProfile (type)
{
"additionalProperties": false,
"description": "Duplicate address detection profile.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Ipv6DadProfile",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"dad_mode": {
"$ref": "DADMode,
"default": "LOOSE",
"required": false,
"title": "DAD Mode"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"ns_retries": {
"default": 3,
"description": "Number of Neighbor solicitation packets generated before completing the Duplicate address detection process.",
"maximum": 10,
"minimum": 0,
"required": false,
"title": "NS retries count",
"type": "integer"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"wait_time": {
"default": 1,
"description": "The time duration in seconds, to wait for Neighbor advertisement after sending the Neighbor solicitation message.",
"maximum": 60,
"minimum": 0,
"required": false,
"title": "Wait time",
"type": "integer"
}
},
"type": "object"
}
Ipv6DadProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "Ipv6DadProfileListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Ipv6DadProfile
},
"required": true,
"title": "Paginated list of Ipv6DadProfile",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
Ipv6Header (type)
{
"id": "Ipv6Header",
"module_id": "Traceflow",
"properties": {
"dst_ip": {
"$ref": "IPv6Address,
"required": false,
"title": "The destination ip address."
},
"hop_limit": {
"default": 64,
"description": "Decremented by 1 by each node that forwards the packets. The packet is discarded if Hop Limit is decremented to zero.",
"maximum": 255,
"minimum": 0,
"required": false,
"title": "hop limit",
"type": "integer"
},
"next_header": {
"default": 58,
"maximum": 255,
"minimum": 0,
"required": false,
"title": "Identifies the type of header immediately following the IPv6 header.",
"type": "integer"
},
"src_ip": {
"$ref": "IPv6Address,
"required": false,
"title": "The source ip address."
}
},
"type": "object"
}
Ipv6NdraProfile (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Ipv6NdraProfile",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dns_config": {
"$ref": "RaDNSConfig,
"required": false,
"title": "DNS Configurations"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"ndra_advertised_route": {
"description": "Route advertised in NDRAProfile.",
"items": {
"$ref": "NDRAAdvertisedRoute
},
"required": false,
"type": "array"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"ra_config": {
"$ref": "RAConfig,
"required": true,
"title": "RA Configuration"
},
"ra_mode": {
"$ref": "RAMode,
"default": "SLAAC_DNS_THROUGH_RA",
"required": true,
"title": "RA Mode"
},
"reachable_timer": {
"default": 0,
"description": "Neighbour reachable time duration in milliseconds. A value of 0 means unspecified.",
"maximum": 3600000,
"minimum": 0,
"required": false,
"title": "Reachable timer",
"type": "integer"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"retransmit_interval": {
"default": 1000,
"description": "The time, in milliseconds, between retransmitted neighbour solicitation messages.",
"maximum": 4294967295,
"minimum": 0,
"required": false,
"title": "Retransmission interval",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"type": "object"
}
Ipv6NdraProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "Ipv6NdraProfileListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Ipv6NdraProfile
},
"required": true,
"title": "Paginated list of Ipv6NdraProfile",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
IssuerSerialNumber (type)
{
"additionalProperties": false,
"id": "IssuerSerialNumber",
"module_id": "CertificateManager",
"properties": {
"issuer": {
"description": "Issuer Distinguished Name of the revoked certificates.",
"title": "Issuer Distinguished Name (DN)",
"type": "string"
},
"serial_numbers": {
"description": "List of Certificate Serial Numbers issued by the specified issuers.",
"items": {
"type": "string"
},
"title": "Certificate Serial Numbers",
"type": "array"
}
},
"type": "object"
}
JoinClusterParameters (type)
{
"additionalProperties": false,
"description": "To join a new node to the NSX cluster, issue a JoinCluster API on the new node. The JoinCluster API takes this object as a parameter. Provide the ID of the NSX cluster you want the new node to join and the IP address of one of the nodes already in that cluster. The Cluster Boot Manager running on the new node will then add the new node to the NSX cluster by making a AttachClusterNode REST API call on the node that is already part of the cluster. In order to make a REST API call to the node in the cluster, the Cluster Boot Manager will need username and password of a priviledged user on the node in the cluster. In place of a username and password, Cluster Boot Manager could also use a OAuth token provided. The Cluster Boot Manager needs either the username and password or the OAuth token to make the REST call but not both.",
"id": "JoinClusterParameters",
"properties": {
"certficate_sha256_thumbprint": {
"required": true,
"title": "SHA256 Thumbprint of the API certificate of the cluster node",
"type": "string"
},
"cluster_id": {
"required": true,
"title": "UUID of the cluster to join",
"type": "string"
},
"ip_address": {
"required": true,
"title": "IP address of a node already part of the cluster to join",
"type": "string"
},
"password": {
"required": false,
"sensitive": true,
"title": "Password of the user on the cluster node",
"type": "string"
},
"port": {
"default": 443,
"maximum": 65535,
"minimum": 1,
"required": false,
"title": "API port on the cluster node",
"type": "integer"
},
"token": {
"required": false,
"sensitive": true,
"title": "Limited time OAuth token instead of the username/password",
"type": "string"
},
"username": {
"required": false,
"title": "Username on the cluster node",
"type": "string"
}
},
"title": "Parameters needed for this node to join the NSX cluster",
"type": "object"
}
KeySize (type)
{
"id": "KeySize",
"module_id": "CertificateManager",
"title": "Crypto key size",
"type": "integer"
}
KeyStoreInfo (type)
{
"additionalProperties": false,
"description": "Key Store information about the url alias or datasource.",
"id": "KeyStoreInfo",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"keystore": {
"description": "A location of the keystor file which stores private key and identity certificates that will be presented to both parties (server or client) for verification.",
"title": "A location of the keystore file",
"type": "string"
},
"keystore_alias": {
"description": "Its an alias specified when an entity is added to the keystore.",
"title": "An alias is used to uniquely identifies the entry in keystore",
"type": "string"
},
"keystore_phrase": {
"description": "A location of the key store pass phrase file.",
"title": "A location of the key store pass phrase file.",
"type": "string"
},
"truststore": {
"description": "A location of the trust store file which stores the certificate from CA that verify the certificate presented by the server in SSL connection.",
"title": "A location of the trust store file.",
"type": "string"
}
},
"title": "KeyStoreInfo",
"type": "object"
}
KeyValue (type)
{
"additionalProperties": false,
"id": "KeyValue",
"module_id": "CertificateManager",
"properties": {
"key": {
"description": "Key name.",
"readonly": false,
"required": true,
"type": "string"
},
"value": {
"description": "Key value.",
"readonly": false,
"required": true,
"type": "string"
}
},
"type": "object"
}
KeyValuePair (type)
{
"additionalProperties": false,
"id": "KeyValuePair",
"module_id": "Common",
"properties": {
"key": {
"maxLength": 255,
"readonly": false,
"required": true,
"title": "Key",
"type": "string"
},
"value": {
"maxLength": 255,
"readonly": false,
"required": true,
"title": "Value",
"type": "string"
}
},
"title": "An arbitrary key-value pair",
"type": "object"
}
KnownHostParameter (type)
{
"additionalProperties": false,
"id": "KnownHostParameter",
"properties": {
"host": {
"$ref": "HostnameOrIPv4Address,
"required": true,
"title": "Known host hostname or IP address"
},
"port": {
"default": 22,
"maximum": 65535,
"minimum": 1,
"title": "Known host port",
"type": "integer"
}
},
"type": "object"
}
L2AutoRD (type)
{
"id": "L2AutoRD",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"l2_auto_rd": {
"title": "Layer 2 auto assigned route distinghusher",
"type": "string"
},
"l2_vni": {
"title": "Layer 2 Virtual Network Interface",
"type": "string"
}
},
"title": "Layer 2 Auto assigned Route Distinguisher",
"type": "object"
}
L2BridgeEndpointProfile (type)
{
"additionalProperties": false,
"description": "Used to configure L2 Bridge endpoint profile",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "L2BridgeEndpointProfile",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"edge_paths": {
"description": "List of policy paths to edge nodes. Edge allocation for L2 bridging.",
"items": {
"type": "string"
},
"maxItems": 2,
"minItems": 1,
"title": "List of path of Edge nodes",
"type": "array"
},
"failover_mode": {
"default": "PREEMPTIVE",
"enum": [
"PREEMPTIVE",
"NON_PREEMPTIVE"
],
"title": "Failover mode for the edge bridge cluster",
"type": "string"
},
"ha_mode": {
"default": "ACTIVE_STANDBY",
"description": "High avaialability mode can be active-active or active-standby. High availability mode cannot be modified after realization.",
"enum": [
"ACTIVE_STANDBY"
],
"title": "High availability mode for the edge bridge cluster",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Layer 2 Bridge Endpoint Profile",
"type": "object"
}
L2Extension (type)
{
"additionalProperties": false,
"id": "L2Extension",
"module_id": "PolicyConnectivity",
"properties": {
"l2vpn_path": {
"deprecated": true,
"description": "This property has been deprecated. Please use the property l2vpn_paths for setting the paths of associated L2 VPN session. This property will continue to work as expected to provide backwards compatibility. However, when both l2vpn_path and l2vpn_paths properties are specified, only l2vpn_paths is used.",
"required": false,
"title": "Policy path of associated L2 VPN session",
"type": "string"
},
"l2vpn_paths": {
"description": "Policy paths corresponding to the associated L2 VPN sessions",
"items": {
"type": "string"
},
"required": false,
"title": "Policy paths of associated L2 VPN sessions",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Segment"
],
"relationshipType": "SEGMENT_L2VPN_SESSION_RELATIONSHIP",
"rightType": [
"L2VPNSession"
]
}
]
},
"local_egress": {
"$ref": "LocalEgress,
"description": "Local Egress.",
"title": "Local Egress"
},
"tunnel_id": {
"maximum": 4093,
"minimum": 1,
"required": false,
"title": "Tunnel ID",
"type": "int"
}
},
"title": "Segment specific L2 VPN configuration",
"type": "object"
}
L2ForwarderRemoteMacsPerSite (type)
{
"additionalProperties": false,
"experimental": true,
"id": "L2ForwarderRemoteMacsPerSite",
"module_id": "AggSvcL2Forwarder",
"properties": {
"remote_active_ips": {
"description": "Remote active IP addresses.",
"items": {
"$ref": "IPAddress
},
"readonly": true,
"title": "Remote active IPs",
"type": "array"
},
"remote_mac_addresses": {
"description": "Remote mac addresses.",
"items": {
"type": "string"
},
"readonly": true,
"title": "Remote mac addresses",
"type": "array"
},
"remote_site": {
"$ref": "ResourceReference,
"description": "Remote site details.",
"readonly": true,
"required": true,
"title": "Remote site"
},
"remote_standby_ips": {
"description": "Remote standby IP addresses.",
"items": {
"$ref": "IPAddress
},
"readonly": true,
"title": "Remote standby IPs",
"type": "array"
},
"rtep_group_id": {
"description": "32 bit unique RTEP group id of the logical switch per site.",
"readonly": true,
"required": true,
"title": "RTEP group id of logical switch per site",
"type": "integer"
}
},
"type": "object"
}
L2ForwarderStatusPerNode (type)
{
"additionalProperties": false,
"experimental": true,
"id": "L2ForwarderStatusPerNode",
"module_id": "AggSvcL2Forwarder",
"properties": {
"high_availability_status": {
"description": "High Availability status of a service router on the edge node.",
"enum": [
"ACTIVE",
"STANDBY",
"DOWN",
"SYNC",
"UNKNOWN"
],
"readonly": true,
"required": true,
"title": "Service router's HA status",
"type": "string"
},
"transport_node": {
"$ref": "ResourceReference,
"description": "Edge node details from where the router status is being retrieved.",
"readonly": true,
"required": true,
"title": "Transport node"
}
},
"type": "object"
}
L2L3RuntimeRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "L2L3RuntimeRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"edge_path": {
"description": "Policy path of edge node. Edge should be member of enforcement point.",
"title": "Policy path of edge node",
"type": "string"
},
"enforcement_point_path": {
"description": "Enforcement point path.",
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "L2 L3 connectivity runtime status request parameters",
"type": "object"
}
L2TcpMaxSegmentSizeClamping (type)
{
"additionalProperties": false,
"description": "TCP MSS Clamping Direction and Value.",
"id": "L2TcpMaxSegmentSizeClamping",
"module_id": "PolicyVpnLayer2VPN",
"properties": {
"direction": {
"default": "BOTH",
"description": "Specifies the traffic direction for which to apply MSS Clamping.",
"enum": [
"NONE",
"BOTH"
],
"required": false,
"title": "Maximum Segment Size Clamping Direction",
"type": "string"
},
"max_segment_size": {
"description": "MSS defines the maximum amount of data that a host is willing to accept in a single TCP segment. This field is set in TCP header during connection establishment. To avoid packet fragmentation, you can set this field depending on uplink MTU and VPN overhead. This is an optional field and in case it is left unconfigured, best possible MSS value will be calculated based on effective mtu of uplink interface. Supported MSS range is 108 to 8852.",
"maximum": 8860,
"minimum": 108,
"required": false,
"title": "Maximum Segment Size Value",
"type": "integer"
}
},
"title": "TCP MSS Clamping",
"type": "object"
}
L2VPNService (type)
{
"additionalProperties": false,
"description": "L2VPN Service defines if service running as server or client. It also defines all the common properties for the multiple L2VPN Sessions associated with this service.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "L2VPNService",
"module_id": "PolicyVpnLayer2VPN",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_hub": {
"default": false,
"description": "This property applies only in SERVER mode. If set to true, traffic from any client will be replicated to all other clients. If set to false, traffic received from clients is only replicated to the local VPN endpoint.",
"required": false,
"title": "Enable spoke to spoke (client) forwarding via hub (server)",
"type": "boolean"
},
"encap_ip_pool": {
"description": "IP Pool to allocate local and peer endpoint IPs for L2VpnSession logical tap.",
"items": {
"$ref": "IPv4CIDRBlock
},
"required": false,
"title": "IP Pool for Logical Taps",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"mode": {
"default": "SERVER",
"description": "Specify an L2VPN service mode as SERVER or CLIENT.",
"enum": [
"SERVER",
"CLIENT"
],
"title": "L2VPN Service Mode",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "L2VPN Service",
"type": "object"
}
L2VPNSession (type)
{
"additionalProperties": false,
"description": "Defines the tunnel local and peer addresses along with multiple tansport tunnels for redundancy. L2VPNSession belongs to only one L2VPNService.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "L2VPNSession",
"module_id": "PolicyVpnLayer2VPN",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "Enable to extend all the associated segments.",
"required": false,
"title": "Enable L2VPN session",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_mss_clamping": {
"$ref": "L2TcpMaxSegmentSizeClamping,
"description": "TCP Maximum Segment Size Clamping Direction and Value. This feature is supported for L2VPN Sessions that are Server mode only.",
"title": "TCP MSS Clamping"
},
"transport_tunnels": {
"description": "List of transport tunnels for redundancy.",
"items": {
"type": "string"
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "List of transport tunnels",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"L2VPNSession"
],
"relationshipType": "L2VPN_SESSION_TRANSPORT_TUNNEL_RELATIONSHIP",
"rightType": [
"IPSecVpnSession"
]
}
]
},
"tunnel_encapsulation": {
"$ref": "L2VPNTunnelEncapsulation,
"description": "Tunnel encapsulation config. This property only applies in CLIENT mode. It is auto-populated from the L2VPNSessionData.",
"readonly": true,
"required": false,
"title": "Tunnel encapsulation config"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "L2VPN Session",
"type": "object"
}
L2VPNTunnelEncapsulation (type)
{
"additionalProperties": false,
"description": "L2VPN tunnel encapsulation config.",
"id": "L2VPNTunnelEncapsulation",
"module_id": "PolicyVpnLayer2VPN",
"properties": {
"local_endpoint_address": {
"$ref": "IPv4Address,
"description": "IP Address of the local tunnel port. This property only applies in CLIENT mode.",
"readonly": true,
"required": false,
"title": "IP Address of the tunnel port"
},
"peer_endpoint_address": {
"$ref": "IPv4Address,
"description": "IP Address of the peer tunnel port. This property only applies in CLIENT mode.",
"readonly": true,
"required": false,
"title": "IP Address of the peer tunnel port"
},
"protocol": {
"default": "GRE",
"description": "Encapsulation protocol used by the tunnel.",
"enum": [
"GRE"
],
"readonly": true,
"required": false,
"title": "Encapsulation protocol",
"type": "string"
}
},
"title": "L2VPN Tunnel Encapsulation",
"type": "object"
}
L2Vpn (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Contains information necessary to configure L2Vpn.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "L2Vpn",
"module_id": "PolicyL2Vpn",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "Enable to extend all the associated segments.",
"required": false,
"title": "Enable L2Vpn",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_tunnels": {
"description": "List of paths referencing transport tunnels.",
"items": {
"type": "string"
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "List of paths referencing transport tunnels",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "L2 Virtual Private Network Configuration",
"type": "object"
}
L2VpnContext (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "L2Vpn Context provides meta-data information about the parent Tier-0.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "L2VpnContext",
"module_id": "PolicyL2Vpn",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_hub": {
"default": false,
"description": "If enabled, the tier-0 acts as a Hub and replicates traffic received from peer to all other peers. If disabled, the tier-0 acts as a Spoke and replicates only the local.",
"title": "Enable to act as hub",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "L2Vpn Context",
"type": "object"
}
L3Vpn (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Contains information necessary to configure IPSec VPN.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "L3Vpn",
"module_id": "PolicyL3Vpn",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"dh_groups": {
"description": "Diffie-Hellman group to be used if PFS is enabled. Default group is GROUP14.",
"items": {
"$ref": "PolicyDHGroup
},
"maxItems": 1,
"title": "DH group",
"type": "array",
"uniqueItems": true
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_perfect_forward_secrecy": {
"default": true,
"description": "If true, perfect forward secrecy (PFS) is enabled.",
"title": "Enable perfect forward secrecy",
"type": "boolean"
},
"enabled": {
"default": true,
"description": "Flag to enable L3Vpn. Default is enabled.",
"title": "Enable L3Vpn",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ike_digest_algorithms": {
"description": "Algorithm to be used for message digest during Internet Key Exchange(IKE) negotiation. Default is SHA2_256.",
"items": {
"$ref": "PolicyIKEDigestAlgorithm
},
"maxItems": 1,
"title": "Digest Algorithm for IKE",
"type": "array",
"uniqueItems": true
},
"ike_encryption_algorithms": {
"description": "Algorithm to be used during Internet Key Exchange(IKE) negotiation. Default is AES_128.",
"items": {
"$ref": "PolicyIKEEncryptionAlgorithm
},
"maxItems": 1,
"title": "Encryption algorithm for IKE",
"type": "array",
"uniqueItems": true
},
"ike_version": {
"$ref": "PolicyIKEVersion,
"default": "IKE_V2",
"description": "IKE protocol version to be used. IKE-Flex will initiate IKE-V2 and responds to both IKE-V1 and IKE-V2.",
"title": "IKE version"
},
"l3vpn_session": {
"$ref": "L3VpnSession,
"required": true,
"title": "L3Vpn Session"
},
"local_address": {
"$ref": "IPv4Address,
"required": true,
"title": "IPv4 address of local gateway"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"passphrases": {
"description": "List of IPSec pre-shared keys used for IPSec authentication. If not specified, the older passphrase values are retained if there are any.",
"items": {
"type": "string"
},
"maxItems": 1,
"sensitive": true,
"title": "List of IPSec pre-shared keys",
"type": "array",
"uniqueItems": true
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_private_address": {
"description": "This field is used to resolve conflicts in case of a remote site being behind NAT as remote public ip address is not enough. If it is not the case the remote public address should be provided here. If not provided, the value of this field is set to remote_public_address.",
"title": "Identifier of the remote site",
"type": "string"
},
"remote_public_address": {
"$ref": "IPv4Address,
"required": true,
"title": "Public IPv4 address of remote gateway"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tunnel_digest_algorithms": {
"description": "Algorithm to be used for message digest during tunnel establishment. Default algorithm is empty.",
"items": {
"$ref": "PolicyTunnelDigestAlgorithm
},
"maxItems": 1,
"title": "Digest Algorithm for Tunnel Establishment",
"type": "array",
"uniqueItems": true
},
"tunnel_encryption_algorithms": {
"description": "Encryption algorithm to encrypt/decrypt the messages exchanged between IPSec VPN initiator and responder during tunnel negotiation. Default is AES_GCM_128.",
"items": {
"$ref": "PolicyTunnelEncryptionAlgorithm
},
"maxItems": 1,
"title": "Encryption algorithm for Tunnel Establishement",
"type": "array",
"uniqueItems": true
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "L3 Virtual Private Network Configuration",
"type": "object"
}
L3VpnContext (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "L3Vpn Context provides the configuration context that different L3Vpns can consume.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "L3VpnContext",
"module_id": "PolicyL3Vpn",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"available_local_addresses": {
"description": "Local gateway IPv4 addresses available for configuration of each L3Vpn.",
"items": {
"$ref": "PolicyIPAddressInfo
},
"title": "IPv4 addresses of the local gateway",
"type": "array",
"uniqueItems": true
},
"bypass_rules": {
"description": "Bypass L3Vpn rules that will be shared across L3Vpns. Only Bypass action is supported on these L3Vpn rules.",
"items": {
"$ref": "L3VpnRule
},
"title": "List of Bypass L3VpnRules",
"type": "array",
"uniqueItems": true
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "If true, enable L3Vpn Service for given tier-0. Enabling/disabling this service affects all L3Vpns under the given tier-0.",
"title": "Enable L3 Virtual Private Network (VPN) service",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ike_log_level": {
"default": "INFO",
"description": "Log level for internet key exchange (IKE).",
"enum": [
"DEBUG",
"INFO",
"WARN",
"ERROR",
"EMERGENCY"
],
"title": "Internet key exchange (IKE) log level",
"type": "string"
},
"label": {
"description": "Policy path referencing Label. A label is used as a mechanism to group route-based L3Vpns in order to apply edge firewall rules on members' VTIs.",
"required": false,
"title": "Policy path referencing Label",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "L3Vpn Context",
"type": "object"
}
L3VpnRule (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "For policy-based L3Vpn sessions, a rule specifies as its action the vpn tunnel to be used for transit traffic that meets the rule's match criteria.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "L3VpnRule",
"module_id": "PolicyL3Vpn",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"default": "PROTECT",
"description": "Action to exchange data with or without protection. PROTECT - Allows to exchange data with ipsec protection. Protect rules are defined per L3Vpn. BYPASS - Allows to exchange data without ipsec protection. Bypass rules are defined per L3VpnContext and affects all policy based L3Vpns. Bypass rules are prioritized over protect rules.",
"enum": [
"PROTECT",
"BYPASS"
],
"title": "Action to apply to the traffic transiting through the L3Vpn",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destinations": {
"description": "List of remote subnets used in policy-based L3Vpn.",
"items": {
"$ref": "L3VpnSubnet
},
"maxItems": 128,
"minItems": 1,
"required": true,
"title": "List of remote subnets",
"type": "array",
"uniqueItems": true
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sequence_number": {
"description": "This field is used to resolve conflicts between multiple L3VpnRules associated with a single L3Vpn or L3VpnContext.",
"required": false,
"title": "Sequence number of the L3VpnRule",
"type": "int"
},
"sources": {
"description": "List of local subnets used in policy-based L3Vpn.",
"items": {
"$ref": "L3VpnSubnet
},
"maxItems": 128,
"minItems": 1,
"required": true,
"title": "List of local subnets",
"type": "array",
"uniqueItems": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "L3Vpn Rule",
"type": "object"
}
L3VpnSession (type) (Deprecated)
{
"abstract": true,
"additionalProperties": false,
"deprecated": true,
"description": "Contains information about L3Vpn session.",
"id": "L3VpnSession",
"module_id": "PolicyL3Vpn",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"$ref": "L3VpnSessionResourceType,
"required": true
}
},
"title": "L3Vpn Session",
"type": "object"
}
L3VpnSessionResourceType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "- A Policy Based L3Vpn is a configuration in which protect rules to match local and remote subnet needs to be defined. Tunnel is established for each pair of local and remote subnet defined in protect rules. - A Route Based L3Vpn is more flexible, more powerful and recommended over policy based. IP Tunnel subnet is created and all traffic routed through tunnel subnet (commonly known as VTI) is sent over tunnel. Routes can be learned through BGP. A route based L3Vpn is required when using redundant L3Vpn.",
"enum": [
"PolicyBasedL3VpnSession",
"RouteBasedL3VpnSession"
],
"id": "L3VpnSessionResourceType",
"module_id": "PolicyL3Vpn",
"title": "Resource type of L3Vpn Session",
"type": "string"
}
L3VpnSubnet (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Used to specify subnets in L3Vpn rule.",
"id": "L3VpnSubnet",
"module_id": "PolicyL3Vpn",
"properties": {
"subnet": {
"$ref": "IPv4CIDRBlock,
"description": "Subnet used in L3Vpn Rule.",
"required": true,
"title": "Subnet"
}
},
"title": "Subnet used in L3Vpn Rule",
"type": "object"
}
L4PortSetServiceEntry (type)
{
"additionalProperties": false,
"description": "L4PortSet can be specified in comma separated notation of parts. Parts of a L4PortSet includes single integer or range of port in hyphen notation. Example of a PortSet: \"22, 33-70, 44\".",
"extends": {
"$ref": "ServiceEntry
},
"id": "L4PortSetServiceEntry",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "L4PortSetServiceEntry"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destination_ports": {
"description": "Number of values should not exceed 15, ranges count as 2 values.",
"items": {
"$ref": "PortElement
},
"maxItems": 15,
"required": false,
"type": "array"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"l4_protocol": {
"enum": [
"TCP",
"UDP"
],
"required": true,
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"enum": [
"IPProtocolServiceEntry",
"IGMPTypeServiceEntry",
"ICMPTypeServiceEntry",
"ALGTypeServiceEntry",
"L4PortSetServiceEntry",
"EtherTypeServiceEntry",
"NestedServiceServiceEntry"
],
"required": true,
"type": "string"
},
"source_ports": {
"description": "Number of values should not exceed 15, ranges count as 2 values.",
"items": {
"$ref": "PortElement
},
"maxItems": 15,
"required": false,
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "An ServiceEntry that represents TCP or UDP protocol",
"type": "object"
}
L7AccessAttributes (type)
{
"additionalProperties": false,
"description": "Supported Attribute Keys are APP_ID, URL_CATEGORY, URL_REPUTATION, CUSTOM_URL",
"extends": {
"$ref": "PolicyAttributes
},
"id": "L7AccessAttributes",
"module_id": "L7AccessProfile",
"properties": {
"attribute_source": {
"default": "SYSTEM",
"enum": [
"SYSTEM",
"CUSTOM"
],
"required": false,
"title": "Source of attribute value i.e whether system defined or custom value",
"type": "string"
},
"datatype": {
"enum": [
"STRING"
],
"required": true,
"title": "Datatype for attribute",
"type": "string"
},
"description": {
"required": false,
"title": "Description for attribute value",
"type": "string"
},
"isALGType": {
"description": "Describes whether the APP_ID value is ALG type or not.",
"required": false,
"title": "Is the value ALG type",
"type": "boolean"
},
"key": {
"description": "URL_Reputation is currently not available. Please do not use it in Attribute Key while creating context profile",
"enum": [
"APP_ID",
"DOMAIN_NAME",
"URL_CATEGORY",
"URL_REPUTATION",
"CUSTOM_URL"
],
"required": true,
"title": "Key for attribute",
"type": "string"
},
"metadata": {
"description": "This is optional part that can hold additional data about the attribute key/values. Example - For URL CATEGORY key , it specified super category for url category value. This is generic array and can hold multiple meta information about key/values in future",
"items": {
"$ref": "ContextProfileAttributesMetadata
},
"required": false,
"title": "Provide additional meta information about key/values",
"type": "array"
},
"sub_attributes": {
"items": {
"$ref": "PolicySubAttributes
},
"required": false,
"title": "Reference to sub attributes for the attribute",
"type": "array"
},
"value": {
"description": "Multiple attribute values can be specified as elements of array.",
"items": {
"type": "string"
},
"minItems": 1,
"required": true,
"title": "Value for attribute key",
"type": "array",
"uniqueItems": true
}
},
"title": "Policy Attributes data holder",
"type": "object"
}
L7AccessEntry (type)
{
"additionalProperties": false,
"description": "An entity that encapsulates attributes like APP_ID, CUSTOM_URL, URL_CATEGORY, URL_REPUTATION.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "L7AccessEntry",
"module_id": "L7AccessProfile",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"$ref": "L7AccessEntryAction,
"required": true
},
"attributes": {
"description": "Property containing attributes/sub-attributes for Policy L7 Access Profile.",
"items": {
"$ref": "L7AccessAttributes
},
"maxItems": 1,
"required": true,
"title": "Array of Policy L7 Access Profile attributes",
"type": "array"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"disabled": {
"default": false,
"description": "Flag to disable the entry. Default is enabled.",
"readonly": false,
"required": false,
"title": "Flag to disable the entry",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"logged": {
"default": false,
"description": "Flag to enable packet logging. Default is disabled.",
"readonly": false,
"required": false,
"title": "Enable logging flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sequence_number": {
"description": "Determines the order of the entry in this profile. If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple rules with the same sequence number then their order is not deterministic.",
"required": false,
"title": "Policy L7 Access Entry Order",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy L7 Access entry",
"type": "object"
}
L7AccessEntryAction (type)
{
"description": "The action to be applied to all the services.",
"enum": [
"ALLOW",
"REJECT",
"REJECT_WITH_RESPONSE"
],
"id": "L7AccessEntryAction",
"module_id": "L7AccessProfile",
"required": true,
"title": "L7 acces profile entry action",
"type": "string"
}
L7AccessProfile (type)
{
"additionalProperties": false,
"description": "An entity that encapsulates multiple L7 access profile entries. The entity wil be consumed in firewall rules and can be added in new tuple called profile in firewall rules. One of either Context Profile or L7 Access Profile can be used in firewall rule.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "L7AccessProfile",
"module_id": "L7AccessProfile",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"default_action": {
"$ref": "L7AccessEntryAction,
"required": true
},
"default_action_logged": {
"default": false,
"description": "Flag to enable packet logging. Default is disabled.",
"readonly": false,
"required": false,
"title": "Enable default logging flag",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"entry_count": {
"description": "The count of entries in the L7 profile.",
"readonly": true,
"title": "Entry count",
"type": "int"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"l7_access_entries": {
"description": "Property containing L7 access entries for Policy L7 Access Profile.",
"items": {
"$ref": "L7AccessEntry
},
"maxItems": 1000,
"required": false,
"title": "Array of Policy L7 Access Profile entries",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy L7 Acces profile",
"type": "object"
}
LBAccessListControl (type)
{
"additionalProperties": false,
"description": "LBAccessListControl is used to define how IP access list control can filter the connections from clients.",
"id": "LBAccessListControl",
"module_id": "PolicyLoadBalancer",
"properties": {
"action": {
"description": "ALLOW means connections matching grouping object IP list are allowed and requests not matching grouping object IP list are dropped. DROP means connections matching grouping object IP list are dropped and requests not matching grouping object IP list are allowed.",
"enum": [
"ALLOW",
"DROP"
],
"required": true,
"title": "IP access list control action",
"type": "string"
},
"enabled": {
"default": false,
"description": "The enabled flag indicates whether to enable access list control option. It is false by default.",
"required": false,
"title": "Whether to enable access list control option",
"type": "boolean"
},
"group_path": {
"description": "The path of grouping object which defines the IP addresses or ranges to match the client IP.",
"required": true,
"title": "Grouping object path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
}
]
}
},
"title": "IP access list control to filter the connections from clients",
"type": "object"
}
LBActiveMonitor (type) (Deprecated)
{
"abstract": true,
"additionalProperties": false,
"deprecated": true,
"description": "All the active types of LBMonitorProfile extend from this abstract class. This is present for extensibility.",
"extends": {
"$ref": "LBMonitorProfile
},
"id": "LBActiveMonitor",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBActiveMonitor"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"fall_count": {
"default": 3,
"description": "Only if a healthcheck fails consecutively for a specified number of times, given with fall_count, to a member will the member status be marked DOWN.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor fall count for active healthchecks",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"interval": {
"default": 5,
"description": "Active healthchecks are initiated periodically, at a configurable interval (in seconds), to each member of the Group.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor interval in seconds for active healthchecks",
"type": "integer"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"monitor_port": {
"description": "Typically, monitors perform healthchecks to Group members using the member IP address and pool_port. However, in some cases, customers prefer to run healthchecks against a different port than the pool member port which handles actual application traffic. In such cases, the port to run healthchecks against can be specified in the monitor_port value. For ICMP monitor, monitor_port is not required.",
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Monitor port for active healthchecks",
"type": "int"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"$ref": "LBMonitorProfileType,
"required": true
},
"rise_count": {
"default": 3,
"description": "Once a member is DOWN, a specified number of consecutive successful healthchecks specified by rise_count will bring the member back to UP state.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor rise count for active healthchecks",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"default": 5,
"description": "Timeout specified in seconds. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor timeout in seconds for active healthchecks",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Base class for each type of active LBMonitorProfile",
"type": "object"
}
LBAppProfile (type)
{
"abstract": true,
"additionalProperties": false,
"description": "App profile.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "LBAppProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"$ref": "LBApplicationProfileType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "App profile",
"type": "object"
}
LBApplicationProfileType (type)
{
"additionalProperties": false,
"description": "An application profile can be bound to a virtual server to specify the application protocol characteristics. It is used to influence how load balancing is performed. Currently, three types of application profiles are supported: LBFastTCPProfile, LBFastUDPProfile and LBHttpProfile. LBFastTCPProfile or LBFastUDPProfile is typically used when the application is using a custom protocol or a standard protocol not supported by the load balancer. It is also used in cases where the user only wants L4 load balancing mainly because L4 load balancing has much higher performance and scalability, and/or supports connection mirroring. LBHttpProfile is used for both HTTP and HTTPS applications. Though application rules, if bound to the virtual server, can be used to accomplish the same goal, LBHttpProfile is intended to simplify enabling certain common use cases. LBHttpProfile is deprecated as NSX-T Load Balancer is deprecated.",
"enum": [
"LBHttpProfile",
"LBFastTcpProfile",
"LBFastUdpProfile"
],
"id": "LBApplicationProfileType",
"module_id": "PolicyLoadBalancer",
"title": "Application profile type",
"type": "string"
}
LBClientCertificateIssuerDnCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Match condition for client certficate issuer DN.",
"id": "LBClientCertificateIssuerDnCondition",
"module_id": "PolicyLoadBalancer",
"properties": {
"case_sensitive": {
"default": true,
"description": "If true, case is significant when comparing issuer DN value.",
"required": false,
"title": "A case sensitive flag for issuer DN comparing",
"type": "boolean"
},
"issuer_dn": {
"description": "Value of issuer DN.",
"required": true,
"title": "Value of issuer DN",
"type": "string"
},
"match_type": {
"$ref": "LbRuleMatchType,
"default": "REGEX",
"description": "Match type of issuer DN.",
"required": false,
"title": "Match type of issuer DN"
}
},
"title": "Match condition for client certficate issuer DN",
"type": "object"
}
LBClientCertificateSubjectDnCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Match condition for client certficate subject DN.",
"id": "LBClientCertificateSubjectDnCondition",
"module_id": "PolicyLoadBalancer",
"properties": {
"case_sensitive": {
"default": true,
"description": "If true, case is significant when comparing subject DN value.",
"required": false,
"title": "A case sensitive flag for subject DN comparing",
"type": "boolean"
},
"match_type": {
"$ref": "LbRuleMatchType,
"default": "REGEX",
"description": "Match type of subject DN.",
"required": false,
"title": "Match type of subject DN"
},
"subject_dn": {
"description": "Value of subject DN.",
"required": true,
"title": "Value of subject DN",
"type": "string"
}
},
"title": "Match condition for client certficate subject DN",
"type": "object"
}
LBClientSslProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Client SSL profile. LBClientSslProfile is deprecated as NSX-T Load Balancer is deprecated.",
"extends": {
"$ref": "LBSslProfile
},
"id": "LBClientSslProfile",
"module_id": "PolicyLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"cipher_group_label": {
"$ref": "SslCipherGroup,
"description": "It is a label of cipher group which is mostly consumed by GUI.",
"required": false,
"title": "Label of cipher group"
},
"ciphers": {
"description": "Supported SSL cipher list to client side.",
"items": {
"$ref": "SslCipher
},
"required": false,
"title": "Supported SSL cipher list to client side",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_fips": {
"description": "This flag is set to true when all the ciphers and protocols are FIPS compliant. It is set to false when one of the ciphers or protocols are not FIPS compliant..",
"readonly": true,
"title": "FIPS compliance of ciphers and protocols",
"type": "boolean"
},
"is_secure": {
"description": "This flag is set to true when all the ciphers and protocols are secure. It is set to false when one of the ciphers or protocols is insecure.",
"readonly": true,
"title": "Secure/Insecure SSL profile flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"prefer_server_ciphers": {
"default": true,
"description": "During SSL handshake as part of the SSL client Hello client sends an ordered list of ciphers that it can support (or prefers) and typically server selects the first one from the top of that list it can also support. For Perfect Forward Secrecy(PFS), server could override the client's preference.",
"required": false,
"title": "Prefer server ciphers flag",
"type": "boolean"
},
"protocols": {
"description": "SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default.",
"items": {
"$ref": "SslProtocol
},
"required": false,
"title": "Supported SSL protocol list to client side",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"session_cache_enabled": {
"default": true,
"description": "SSL session caching allows SSL client and server to reuse previously negotiated security parameters avoiding the expensive public key operation during handshake.",
"required": false,
"title": "Session cache enable/disable flag",
"type": "boolean"
},
"session_cache_timeout": {
"default": 300,
"description": "Session cache timeout specifies how long the SSL session parameters are held on to and can be reused.",
"maximum": 86400,
"minimum": 1,
"required": false,
"title": "SSL session cache timeout value",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Client SSL profile",
"type": "object"
}
LBClientSslProfileBinding (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Client SSL profile binding. LBClientSslProfileBinding is deprecated as NSX-T Load Balancer is deprecated.",
"id": "LBClientSslProfileBinding",
"module_id": "PolicyLoadBalancer",
"properties": {
"certificate_chain_depth": {
"default": 3,
"description": "Authentication depth is used to set the verification depth in the client certificates chain.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "The maximum traversal depth of client certificate chain",
"type": "integer"
},
"client_auth": {
"$ref": "ClientAuthType,
"default": "IGNORE",
"description": "Client authentication mode.",
"required": false,
"title": "Client authentication mode",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_TLS_CERTIFICATE_RELATIONSHIP",
"rightType": [
"TlsCertificate"
]
}
]
},
"client_auth_ca_paths": {
"description": "If client auth type is REQUIRED, client certificate must be signed by one of the trusted Certificate Authorities (CAs), also referred to as root CAs, whose self signed certificates are specified.",
"items": {
"type": "string"
},
"required": false,
"title": "CA path list to verify client certificate",
"type": "array"
},
"client_auth_crl_paths": {
"description": "A Certificate Revocation List (CRL) can be specified in the client-side SSL profile binding to disallow compromised client certificates.",
"items": {
"type": "string"
},
"required": false,
"title": "CRL path list to verify client certificate",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_LB_CLIENT_SSL_PROFILE_RELATIONSHIP",
"rightType": [
"LBClientSslProfile"
]
}
]
},
"default_certificate_path": {
"description": "A default certificate should be specified which will be used if the server does not host multiple hostnames on the same IP address or if the client does not support SNI extension.",
"required": true,
"title": "Default service certificate identifier",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_TLS_CERTIFICATE_RELATIONSHIP",
"rightType": [
"TlsCertificate"
]
}
]
},
"sni_certificate_paths": {
"description": "Client-side SSL profile binding allows multiple certificates, for different hostnames, to be bound to the same virtual server.",
"items": {
"type": "string"
},
"required": false,
"title": "SNI certificate path list",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_TLS_CERTIFICATE_RELATIONSHIP",
"rightType": [
"TlsCertificate"
]
}
]
},
"ssl_profile_path": {
"description": "Client SSL profile defines reusable, application-independent client side SSL properties.",
"required": false,
"title": "Client SSL profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_LB_CLIENT_SSL_PROFILE_RELATIONSHIP",
"rightType": [
"LBClientSslProfile"
]
}
]
}
},
"title": "Client SSL profile binding",
"type": "object"
}
LBConnectionDropAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to drop the connections. There is no extra propery in this action. If there is no match condition specified, the connection will be always dropped. This action can be specified at HTTP_ACCESS or HTTP_FORWARDING pahse.",
"extends": {
"$ref": "LBRuleAction
},
"id": "LBConnectionDropAction",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBConnectionDropAction"
},
"properties": {
"type": {
"$ref": "LBRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
}
},
"title": "Action to drop connections",
"type": "object"
}
LBCookiePersistenceProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Some applications maintain state and require all relevant connections to be sent to the same server as the application state is not synchronized among servers. Persistence is enabled on a LBVirtualServer by binding a persistence profile to it. LBCookiePersistenceProfile is deprecated as NSX-T Load Balancer is deprecated.",
"extends": {
"$ref": "LBPersistenceProfile
},
"id": "LBCookiePersistenceProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBCookiePersistenceProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"cookie_domain": {
"description": "HTTP cookie domain could be configured, only available for insert mode.",
"required": false,
"title": "Cookie domain",
"type": "string"
},
"cookie_fallback": {
"default": true,
"description": "If fallback is true, once the cookie points to a server that is down (i.e. admin state DISABLED or healthcheck state is DOWN), then a new server is selected by default to handle that request. If fallback is false, it will cause the request to be rejected if cookie points to a server.",
"required": false,
"title": "Cookie persistence fallback",
"type": "boolean"
},
"cookie_garble": {
"default": true,
"description": "If garble is set to true, cookie value (server IP and port) would be encrypted. If garble is set to false, cookie value would be plain text.",
"required": false,
"title": "Cookie persistence garble",
"type": "boolean"
},
"cookie_httponly": {
"default": false,
"description": "If cookie httponly flag is true, it prevents a script running in the browser from accessing the cookie. Only available for insert mode.",
"required": false,
"title": "Cookie httponly flag",
"type": "boolean"
},
"cookie_mode": {
"$ref": "CookiePersistenceModeType,
"default": "INSERT",
"description": "Cookie persistence mode.",
"required": false,
"title": "Cookie persistence mode"
},
"cookie_name": {
"default": "NSXLB",
"description": "Cookie name.",
"required": false,
"title": "Cookie name",
"type": "string"
},
"cookie_path": {
"description": "HTTP cookie path could be set, only available for insert mode.",
"required": false,
"title": "Cookie path",
"type": "string"
},
"cookie_secure": {
"default": false,
"description": "If cookie secure flag is true, it prevents the browser from sending a cookie over http. The cookie is sent only over https. Only available for insert mode.",
"required": false,
"title": "Cookie secure flag",
"type": "boolean"
},
"cookie_time": {
"$ref": "LBCookieTime,
"description": "Both session cookie and persistence cookie are supported, if not specified, it's a session cookie. It expires when the browser is closed.",
"required": false,
"title": "Cookie time setting"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"persistence_shared": {
"default": false,
"description": "Persistence shared setting indicates that all LBVirtualServers that consume this LBPersistenceProfile should share the same persistence mechanism when enabled. Meaning, persistence entries of a client accessing one virtual server will also affect the same client's connections to a different virtual server. For example, say there are two virtual servers vip-ip1:80 and vip-ip1:8080 bound to the same Group g1 consisting of two servers (s11:80 and s12:80). By default, each virtual server will have its own persistence table or cookie. So, in the earlier example, there will be two tables (vip-ip1:80, p1) and (vip-ip1:8080, p1) or cookies. So, if a client connects to vip1:80 and later connects to vip1:8080, the second connection may be sent to a different server than the first. When persistence_shared is enabled, then the second connection will always connect to the same server as the original connection. For COOKIE persistence type, the same cookie will be shared by multiple virtual servers. For SOURCE_IP persistence type, the persistence table will be shared across virtual servers. For GENERIC persistence type, the persistence table will be shared across virtual servers which consume the same persistence profile in LBRule actions.",
"required": false,
"title": "Persistence shared across LBVirtualServers",
"type": "boolean"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The resource_type property identifies persistence profile type. LBCookiePersistenceProfile and LBGenericPersistenceProfile are deprecated as NSX-T Load Balancer is deprecated.",
"enum": [
"LBSourceIpPersistenceProfile",
"LBCookiePersistenceProfile",
"LBGenericPersistenceProfile"
],
"required": true,
"title": "Persistence profile type",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "LBPersistenceProflie using Cookies for L7 LBVirtualServer",
"type": "object"
}
LBCookieTime (type) (Deprecated)
{
"abstract": true,
"additionalProperties": false,
"deprecated": true,
"description": "Cookie time.",
"id": "LBCookieTime",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "type"
},
"properties": {
"type": {
"$ref": "LBCookieTimeType,
"required": true
}
},
"title": "Cookie time",
"type": "object"
}
LBCookieTimeType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Both session cookie and persistence cookie are supported, Use LbSessionCookieTime for session cookie time setting, Use LbPersistenceCookieTime for persistence cookie time setting",
"enum": [
"LBSessionCookieTime",
"LBPersistenceCookieTime"
],
"id": "LBCookieTimeType",
"module_id": "PolicyLoadBalancer",
"title": "CookieTime type",
"type": "string"
}
LBFastTcpProfile (type)
{
"additionalProperties": false,
"description": "Fast TCP profile.",
"extends": {
"$ref": "LBAppProfile
},
"id": "LBFastTcpProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBFastTcpProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"close_timeout": {
"default": 8,
"description": "It is used to specify how long a closing TCP connection (both FINs received or a RST is received) should be kept for this application before cleaning up the connection.",
"maximum": 60,
"minimum": 1,
"required": false,
"title": "TCP connection idle timeout in seconds",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"ha_flow_mirroring_enabled": {
"default": false,
"description": "If flow mirroring is enabled, all the flows to the bounded virtual server are mirrored to the standby node.",
"required": false,
"title": "Flow mirroring enabled flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"idle_timeout": {
"default": 1800,
"description": "It is used to configure how long an idle TCP connection in ESTABLISHED state should be kept for this application before cleaning up.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "TCP connection idle timeout in seconds",
"type": "integer"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"$ref": "LBApplicationProfileType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Fast TCP profile",
"type": "object"
}
LBFastUdpProfile (type)
{
"additionalProperties": false,
"description": "Fast UDP profile.",
"extends": {
"$ref": "LBAppProfile
},
"id": "LBFastUdpProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBFastUdpProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"flow_mirroring_enabled": {
"default": false,
"description": "If flow mirroring is enabled, all the flows to the bounded virtual server are mirrored to the standby node.",
"required": false,
"title": "Flow mirroring enabled flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"idle_timeout": {
"default": 300,
"description": "Though UDP is a connectionless protocol, for the purposes of load balancing, all UDP packets with the same flow signature (source and destination IP/ports and IP protocol) received within the idle timeout period are considered to belong to the same connection and are sent to the same backend server. If no packets are received for idle timeout period, the connection (association between flow signature and the selected server) is cleaned up.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "UDP idle timeout in seconds",
"type": "integer"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"$ref": "LBApplicationProfileType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Fast UDP profile",
"type": "object"
}
LBGenericPersistenceProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Some applications maintain state and require all relevant connections to be sent to the same server as the application state is not synchronized among servers. Persistence is enabled on a LBVirtualServer by binding a persistence profile to it. LBGenericPersistenceProfile cannot be attached to virtual server directly, it can be specified in LB rule actions. In HTTP forwarding phase, the profile can be specified in LBVariablePersistenceOnAction. In HTTP response rewriting phase, the profile can be specified in LBVariablePersistenceLearnAction. LBGenericPersistenceProfile is deprecated as NSX-T Load Balancer is deprecated.",
"extends": {
"$ref": "LBPersistenceProfile
},
"id": "LBGenericPersistenceProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBGenericPersistenceProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"ha_persistence_mirroring_enabled": {
"default": false,
"description": "The mirroring enabled flag is to synchronize persistence entries. Persistence entries are not synchronized to the HA peer by default.",
"required": false,
"title": "Mirroring enabled flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"persistence_shared": {
"default": false,
"description": "Persistence shared setting indicates that all LBVirtualServers that consume this LBPersistenceProfile should share the same persistence mechanism when enabled. Meaning, persistence entries of a client accessing one virtual server will also affect the same client's connections to a different virtual server. For example, say there are two virtual servers vip-ip1:80 and vip-ip1:8080 bound to the same Group g1 consisting of two servers (s11:80 and s12:80). By default, each virtual server will have its own persistence table or cookie. So, in the earlier example, there will be two tables (vip-ip1:80, p1) and (vip-ip1:8080, p1) or cookies. So, if a client connects to vip1:80 and later connects to vip1:8080, the second connection may be sent to a different server than the first. When persistence_shared is enabled, then the second connection will always connect to the same server as the original connection. For COOKIE persistence type, the same cookie will be shared by multiple virtual servers. For SOURCE_IP persistence type, the persistence table will be shared across virtual servers. For GENERIC persistence type, the persistence table will be shared across virtual servers which consume the same persistence profile in LBRule actions.",
"required": false,
"title": "Persistence shared across LBVirtualServers",
"type": "boolean"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The resource_type property identifies persistence profile type. LBCookiePersistenceProfile and LBGenericPersistenceProfile are deprecated as NSX-T Load Balancer is deprecated.",
"enum": [
"LBSourceIpPersistenceProfile",
"LBCookiePersistenceProfile",
"LBGenericPersistenceProfile"
],
"required": true,
"title": "Persistence profile type",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"default": 300,
"description": "When all connections complete (reference count reaches 0), persistence entry timer is started with the expiration time.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Persistence entry expiration time in seconds",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "LB generic persistence profile",
"type": "object"
}
LBHttpMonitorProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Active healthchecks are disabled by default and can be enabled for a server pool by binding a health monitor to the Group through the LBRule object. This represents active health monitoring over HTTP. Active healthchecks are initiated periodically, at a configurable interval, to each member of the Group. Only if a healthcheck fails consecutively for a specified number of times (fall_count) to a member will the member status be marked DOWN. Once a member is DOWN, a specified number of consecutive successful healthchecks (rise_count) will bring the member back to UP state. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout. LBHttpMonitorProfile is deprecated as NSX-T Load Balancer is deprecated.",
"extends": {
"$ref": "LBActiveMonitor
},
"id": "LBHttpMonitorProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpMonitorProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"fall_count": {
"default": 3,
"description": "Only if a healthcheck fails consecutively for a specified number of times, given with fall_count, to a member will the member status be marked DOWN.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor fall count for active healthchecks",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"interval": {
"default": 5,
"description": "Active healthchecks are initiated periodically, at a configurable interval (in seconds), to each member of the Group.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor interval in seconds for active healthchecks",
"type": "integer"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"monitor_port": {
"description": "Typically, monitors perform healthchecks to Group members using the member IP address and pool_port. However, in some cases, customers prefer to run healthchecks against a different port than the pool member port which handles actual application traffic. In such cases, the port to run healthchecks against can be specified in the monitor_port value. For ICMP monitor, monitor_port is not required.",
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Monitor port for active healthchecks",
"type": "int"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"request_body": {
"description": "String to send as part of HTTP health check request body. Valid only for certain HTTP methods like POST.",
"required": false,
"title": "HTTP health check request body",
"type": "string"
},
"request_headers": {
"description": "Array of HTTP request headers.",
"items": {
"$ref": "LbHttpRequestHeader
},
"required": false,
"title": "Array of HTTP request headers",
"type": "array"
},
"request_method": {
"$ref": "HttpRequestMethodType,
"default": "GET",
"description": "The health check method for HTTP monitor type.",
"required": false,
"title": "The health check method for HTTP monitor type"
},
"request_url": {
"default": "/",
"description": "For HTTP active healthchecks, the HTTP request url sent can be customized and can include query parameters.",
"required": false,
"title": "Customized HTTP request url for active health checks",
"type": "string"
},
"request_version": {
"$ref": "HttpRequestVersionType,
"default": "HTTP_VERSION_1_1",
"description": "HTTP request version.",
"required": false,
"title": "HTTP request version"
},
"resource_type": {
"$ref": "LBMonitorProfileType,
"required": true
},
"response_body": {
"description": "If HTTP response body match string (regular expressions not supported) is specified (using LBHttpMonitor.response_body) then the healthcheck HTTP response body is matched against the specified string and server is considered healthy only if there is a match. If the response body string is not specified, HTTP healthcheck is considered successful if the HTTP response status code is 2xx, but it can be configured to accept other status codes as successful.",
"required": false,
"title": "Response body to match",
"type": "string"
},
"response_status_codes": {
"description": "The HTTP response status code should be a valid HTTP status code.",
"items": {
"type": "int"
},
"maxItems": 64,
"required": false,
"title": "Array of single HTTP response status codes",
"type": "array"
},
"rise_count": {
"default": 3,
"description": "Once a member is DOWN, a specified number of consecutive successful healthchecks specified by rise_count will bring the member back to UP state.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor rise count for active healthchecks",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"default": 5,
"description": "Timeout specified in seconds. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor timeout in seconds for active healthchecks",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "LBMonitorProfile for active health checks over HTTP",
"type": "object"
}
LBHttpProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Http profile. LBHttpProfile is deprecated as NSX-T Load Balancer is deprecated.",
"extends": {
"$ref": "LBAppProfile
},
"id": "LBHttpProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"http_redirect_to": {
"description": "If a website is temporarily down or has moved, incoming requests for that virtual server can be temporarily redirected to a URL.",
"required": false,
"title": "Http redirect static URL",
"type": "string"
},
"http_redirect_to_https": {
"default": false,
"description": "Certain secure applications may want to force communication over SSL, but instead of rejecting non-SSL connections, they may choose to redirect the client automatically to use SSL.",
"required": false,
"title": "Flag to indicate whether enable HTTP-HTTPS redirect",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"idle_timeout": {
"default": 15,
"description": "It is used to specify the HTTP application idle timeout, it means that how long the load balancer will keep the connection idle to wait for the client to send the next keep-alive request. It is not a TCP socket setting.",
"maximum": 5400,
"minimum": 1,
"required": false,
"title": "HTTP application idle timeout in seconds",
"type": "integer"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"ntlm": {
"deprecated": true,
"description": "NTLM is an authentication protocol that can be used over HTTP. If the flag is set to true, LB will use NTLM challenge/response methodology. This property is deprecated. Please use the property server_keep_alive in order to keep the backend server connection alive for the client connection. When create a new profile, if both ntlm and server_keep_alive are set as different values, ERROR will be reported. When update an existing profile, if either ntlm or server_keep_alive value is changed, both of them are updated with the changed value.",
"required": false,
"title": "NTLM support flag",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"request_body_size": {
"description": "If it is not specified, it means that request body size is unlimited.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Maximum size of the buffer used to store HTTP request body",
"type": "integer"
},
"request_header_size": {
"default": 1024,
"description": "A request with header equal to or below this size is guaranteed to be processed. A request with header larger than request_header_size will be processed up to 32K bytes on best effort basis.",
"minimum": 1,
"required": false,
"title": "Maximum size of the buffer used to store HTTP request headers",
"type": "integer"
},
"resource_type": {
"$ref": "LBApplicationProfileType,
"required": true
},
"response_buffering": {
"default": false,
"description": "When buffering is disabled, the response is passed to a client synchronously, immediately as it is received. When buffering is enabled, LB receives a response from the backend server as soon as possible, saving it into the buffers.",
"required": false,
"title": "Enable or disable buffering of responses",
"type": "boolean"
},
"response_header_size": {
"default": 4096,
"description": "A response with header larger than response_header_size will be dropped.",
"maximum": 65536,
"minimum": 1,
"required": false,
"title": "Maximum size of the buffer used to store HTTP response headers",
"type": "integer"
},
"response_timeout": {
"default": 60,
"description": "If server doesn\u2019t send any packet within this time, the connection is closed.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Maximum server idle time in seconds",
"type": "integer"
},
"server_keep_alive": {
"description": "If server_keep_alive is true, it means the backend connection will keep alive for the client connection. Every client connection is tied 1:1 with the corresponding server-side connection. If server_keep_alive is false, it means the backend connection won't keep alive for the client connection. If server_keep_alive is not specified for API input, its value in API output will be the same with the property ntlm.",
"required": false,
"title": "Server keep-alive flag",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"x_forwarded_for": {
"$ref": "LBXForwardedForType,
"description": "When X-Forwareded-For is configured, X-Forwarded-Proto and X-Forwarded-Port information is added automatically. The two additional header information can be also modified or deleted in load balancer rules.",
"required": false,
"title": "Insert or replace x_forwarded_for"
}
},
"title": "Http profile",
"type": "object"
}
LBHttpRedirectAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to redirect HTTP request messages to a new URL. The reply_status value specified in this action is used as the status code of HTTP response message which is sent back to client (Normally a browser). The HTTP status code for redirection is 3xx, for example, 301, 302, 303, 307, etc. The redirect_url is the new URL that the HTTP request message is redirected to. Normally browser will send another HTTP request to the new URL after receiving a redirection response message. Captured variables and built-in variables can be used in redirect_url field. For example, to redirect all HTTP requests to HTTPS requests for a virtual server. We create an LBRule without any conditions, add an LBHttpRedirectAction to the rule. Set the redirect_url field of the LBHttpRedirectAction to: https://$_host$_request_uri And set redirect_status to \"302\", which means found. This rule will redirect all HTTP requests to HTTPS server port on the same host.",
"extends": {
"$ref": "LBRuleAction
},
"id": "LBHttpRedirectAction",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpRedirectAction"
},
"properties": {
"redirect_status": {
"description": "HTTP response status code.",
"required": true,
"title": "HTTP response status code",
"type": "string"
},
"redirect_url": {
"description": "The URL that the HTTP request is redirected to.",
"required": true,
"title": "The URL that the HTTP request is redirected to",
"type": "string"
},
"type": {
"$ref": "LBRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
}
},
"title": "Action to redirect HTTP request messages",
"type": "object"
}
LBHttpRejectAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to reject HTTP request messages. The specified reply_status value is used as the status code for the corresponding HTTP response message which is sent back to client (Normally a browser) indicating the reason it was rejected. Reference official HTTP status code list for your specific HTTP version to set the reply_status properly. LBHttpRejectAction does not support variables.",
"extends": {
"$ref": "LBRuleAction
},
"id": "LBHttpRejectAction",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpRejectAction"
},
"properties": {
"reply_message": {
"description": "Response message.",
"required": false,
"title": "Response message",
"type": "string"
},
"reply_status": {
"description": "HTTP response status code.",
"required": true,
"title": "HTTP response status code",
"type": "string"
},
"type": {
"$ref": "LBRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
}
},
"title": "Action to reject HTTP request messages",
"type": "object"
}
LBHttpRequestBodyCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match the message body of an HTTP request. Typically, only HTTP POST, PATCH, or PUT requests have request body. The match_type field defines how body_value field is used to match the body of HTTP requests.",
"extends": {
"$ref": "LBRuleCondition
},
"id": "LBHttpRequestBodyCondition",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpRequestBodyCondition"
},
"properties": {
"body_value": {
"required": true,
"title": "HTTP request body",
"type": "string"
},
"case_sensitive": {
"default": true,
"description": "If true, case is significant when comparing HTTP body value.",
"required": false,
"title": "A case sensitive flag for HTTP body comparing",
"type": "boolean"
},
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"match_type": {
"$ref": "LbRuleMatchType,
"default": "REGEX",
"required": false,
"title": "Match type of HTTP body"
},
"type": {
"$ref": "LBRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
}
},
"title": "Condition to match content of HTTP request message body",
"type": "object"
}
LBHttpRequestCookieCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match HTTP request messages by cookie which is a specific type of HTTP header. The match_type and case_sensitive define how to compare cookie value.",
"extends": {
"$ref": "LBRuleCondition
},
"id": "LBHttpRequestCookieCondition",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpRequestCookieCondition"
},
"properties": {
"case_sensitive": {
"default": true,
"description": "If true, case is significant when comparing cookie value.",
"required": false,
"title": "A case sensitive flag for cookie value comparing",
"type": "boolean"
},
"cookie_name": {
"description": "Cookie name.",
"required": true,
"title": "Name of cookie",
"type": "string"
},
"cookie_value": {
"description": "Cookie value.",
"required": true,
"title": "Value of cookie",
"type": "string"
},
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"match_type": {
"$ref": "LbRuleMatchType,
"default": "REGEX",
"description": "Match type of cookie value.",
"required": false,
"title": "Match type of cookie value"
},
"type": {
"$ref": "LBRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
}
},
"title": "Condition to match HTTP request cookie",
"type": "object"
}
LBHttpRequestHeaderCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match HTTP request messages by HTTP header fields. HTTP header fields are components of the header section of HTTP request and response messages. They define the operating parameters of an HTTP transaction. For example, Cookie, Authorization, User-Agent, etc. One condition can be used to match one header field, to match multiple header fields, multiple conditions must be specified. The match_type field defines how header_value field is used to match HTTP requests. The header_name field does not support match types.",
"extends": {
"$ref": "LBRuleCondition
},
"id": "LBHttpRequestHeaderCondition",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpRequestHeaderCondition"
},
"properties": {
"case_sensitive": {
"default": true,
"description": "If true, case is significant when comparing HTTP header value.",
"required": false,
"title": "A case sensitive flag for HTTP header value comparing",
"type": "boolean"
},
"header_name": {
"default": "Host",
"required": false,
"title": "Name of HTTP header",
"type": "string"
},
"header_value": {
"required": true,
"title": "Value of HTTP header",
"type": "string"
},
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"match_type": {
"$ref": "LbRuleMatchType,
"default": "REGEX",
"required": false,
"title": "Match type of HTTP header value"
},
"type": {
"$ref": "LBRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
}
},
"title": "Condition to match HTTP request header",
"type": "object"
}
LBHttpRequestHeaderDeleteAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to delete header fields of HTTP request messages at HTTP_REQUEST_REWRITE phase. One action can be used to delete all headers with same header name. To delete headers with different header names, multiple actions must be defined.",
"extends": {
"$ref": "LBRuleAction
},
"id": "LBHttpRequestHeaderDeleteAction",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpRequestHeaderDeleteAction"
},
"properties": {
"header_name": {
"description": "Name of a header field of HTTP request message.",
"required": true,
"title": "Name of a header field of HTTP request message",
"type": "string"
},
"type": {
"$ref": "LBRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
}
},
"title": "Action to delete HTTP request header fields",
"type": "object"
}
LBHttpRequestHeaderRewriteAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to rewrite header fields of matched HTTP request messages to specified new values. One action can be used to rewrite one header field. To rewrite multiple header fields, multiple actions must be defined. Captured variables and built-in variables can be used in the header_value field, header_name field does not support variables.",
"extends": {
"$ref": "LBRuleAction
},
"id": "LBHttpRequestHeaderRewriteAction",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpRequestHeaderRewriteAction"
},
"properties": {
"header_name": {
"description": "Name of HTTP request header.",
"required": true,
"title": "Name of HTTP request header",
"type": "string"
},
"header_value": {
"description": "Value of HTTP request header.",
"required": true,
"title": "Value of HTTP request header",
"type": "string"
},
"type": {
"$ref": "LBRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
}
},
"title": "Action to rewrite header fields of HTTP request messages",
"type": "object"
}
LBHttpRequestMethodCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match method of HTTP requests. If the method of an HTTP request is same as the method specified in this condition, the HTTP request match this condition. For example, if the method field is set to GET in this condition, any HTTP request with GET method matches the condition.",
"extends": {
"$ref": "LBRuleCondition
},
"id": "LBHttpRequestMethodCondition",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpRequestMethodCondition"
},
"properties": {
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"method": {
"$ref": "HttpRequestMethodType,
"required": true,
"title": "Type of HTTP request method"
},
"type": {
"$ref": "LBRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
}
},
"title": "Condition to match method of HTTP request messages",
"type": "object"
}
LBHttpRequestUriArgumentsCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match URI arguments aka query string of Http request messages, for example, in URI http://exaple.com?foo=1&bar=2, the \"foo=1&bar=2\" is the query string containing URI arguments. In an URI scheme, query string is indicated by the first question mark (\"?\") character and terminated by a number sign (\"#\") character or by the end of the URI. The uri_arguments field can be specified as a regular expression(Set match_type to REGEX). For example, \"foo=(?<x>\\d+)\". It matches HTTP requests whose URI arguments containing \"foo\", the value of foo contains only digits. And the value of foo is captured as $x which can be used in LBRuleAction fields which support variables.",
"extends": {
"$ref": "LBRuleCondition
},
"id": "LBHttpRequestUriArgumentsCondition",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpRequestUriArgumentsCondition"
},
"properties": {
"case_sensitive": {
"default": true,
"description": "If true, case is significant when comparing URI arguments.",
"required": false,
"title": "A case sensitive flag for URI arguments comparing",
"type": "boolean"
},
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"match_type": {
"$ref": "LbRuleMatchType,
"default": "REGEX",
"required": false,
"title": "Match type of URI arguments"
},
"type": {
"$ref": "LBRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
},
"uri_arguments": {
"description": "URI arguments, aka query string of URI.",
"required": true,
"title": "URI arguments",
"type": "string"
}
},
"title": "Condition to match URI arguments of HTTP requests",
"type": "object"
}
LBHttpRequestUriCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match URIs(Uniform Resource Identifier) of HTTP request messages. The URI field can be specified as a regular expression. If an HTTP request message is requesting an URI which matches specified regular expression, it matches the condition. The syntax of whole URI looks like this: scheme:[//[user[:password]@]host[:port]][/path][?query][#fragment] This condition matches only the path part of entire URI. When match_type field is specified as REGEX, the uri field is used as a regular expression to match URI path of HTTP requests. For example, to match any URI that has \"/image/\" or \"/images/\", uri field can be specified as: \"/image[s]?/\". Named capturing groups can be used in the uri field to capture substrings of matched URIs and store them in variables for use in LBRuleAction. For example, specify uri field as: \"/news/(?<year>\\d+)/(?<month>\\d+)/(?<article>.*)\" If the URI path is /articles/news/2017/06/xyz.html, then substring \"2017\" is captured in variable year, \"06\" is captured in variable month, and \"xyz.html\" is captured in variable article. These variables can then be used in an LBRuleAction field which supports variables, such as uri field of LBHttpRequestUriRewriteAction. For example, set the uri field of LBHttpRequestUriRewriteAction as: \"/articles/news/$year-$month-$article\" Then the URI path /articles/news/2017/06/xyz.html is rewritten to: \"/articles/news/2017-06-xyz.html\"",
"extends": {
"$ref": "LBRuleCondition
},
"id": "LBHttpRequestUriCondition",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpRequestUriCondition"
},
"properties": {
"case_sensitive": {
"default": true,
"description": "If true, case is significant when comparing URI.",
"required": false,
"title": "A case sensitive flag for URI comparing",
"type": "boolean"
},
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"match_type": {
"$ref": "LbRuleMatchType,
"default": "REGEX",
"required": false,
"title": "Match type of URI"
},
"type": {
"$ref": "LBRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
},
"uri": {
"required": true,
"title": "A string used to identify resource",
"type": "string"
}
},
"title": "Condition to match URIs of HTTP request messages",
"type": "object"
}
LBHttpRequestUriRewriteAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to rewrite URIs in matched HTTP request messages. Specify the uri and uri_arguments fields in this condition to rewrite the matched HTTP request message's URI and URI arguments to the new values. Full URI scheme of HTTP messages have following syntax: scheme:[//[user[:password]@]host[:port]][/path][?query][#fragment] The uri field of this action is used to rewrite the /path part in above scheme. And the uri_arguments field is used to rewrite the query part. Captured variables and built-in variables can be used in the uri and uri_arguments fields. Check the example in LBRuleAction to see how to use variables in this action.",
"extends": {
"$ref": "LBRuleAction
},
"id": "LBHttpRequestUriRewriteAction",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpRequestUriRewriteAction"
},
"properties": {
"type": {
"$ref": "LBRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
},
"uri": {
"description": "URI of HTTP request.",
"required": true,
"title": "URI of HTTP request",
"type": "string"
},
"uri_arguments": {
"description": "Query string of URI, typically contains key value pairs, for example: foo1=bar1&foo2=bar2.",
"required": false,
"title": "URI arguments",
"type": "string"
}
},
"title": "Action to rewrite HTTP request URIs.",
"type": "object"
}
LBHttpRequestVersionCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match the HTTP protocol version of the HTTP request messages.",
"extends": {
"$ref": "LBRuleCondition
},
"id": "LBHttpRequestVersionCondition",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpRequestVersionCondition"
},
"properties": {
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"type": {
"$ref": "LBRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
},
"version": {
"$ref": "HttpRequestVersionType,
"required": true,
"title": "HTTP version"
}
},
"title": "Condition to match HTTP protocol version of HTTP requests",
"type": "object"
}
LBHttpResponseHeaderCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match HTTP response messages from backend servers by HTTP header fields. HTTP header fields are components of the header section of HTTP request and response messages. They define the operating parameters of an HTTP transaction. For example, Cookie, Authorization, User-Agent, etc. One condition can be used to match one header field, to match multiple header fields, multiple conditions must be specified. The match_type field defines how header_value field is used to match HTTP responses. The header_name field does not support match types.",
"extends": {
"$ref": "LBRuleCondition
},
"id": "LBHttpResponseHeaderCondition",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpResponseHeaderCondition"
},
"properties": {
"case_sensitive": {
"default": true,
"description": "If true, case is significant when comparing HTTP header value.",
"required": false,
"title": "A case sensitive flag for HTTP header value comparing",
"type": "boolean"
},
"header_name": {
"required": true,
"title": "Name of HTTP header field",
"type": "string"
},
"header_value": {
"required": true,
"title": "Value of HTTP header field",
"type": "string"
},
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"match_type": {
"$ref": "LbRuleMatchType,
"default": "REGEX",
"required": false,
"title": "Match type of HTTP header value"
},
"type": {
"$ref": "LBRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
}
},
"title": "Condition to match a header field of HTTP response",
"type": "object"
}
LBHttpResponseHeaderDeleteAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to delete header fields of HTTP response messages at HTTP_RESPONSE_REWRITE phase. One action can be used to delete allgi headers with same header name. To delete headers with different header names, multiple actions must be defined.",
"extends": {
"$ref": "LBRuleAction
},
"id": "LBHttpResponseHeaderDeleteAction",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpResponseHeaderDeleteAction"
},
"properties": {
"header_name": {
"description": "Name of a header field of HTTP response message.",
"required": true,
"title": "Name of a header field of HTTP response message",
"type": "string"
},
"type": {
"$ref": "LBRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
}
},
"title": "Action to delete HTTP response header fields",
"type": "object"
}
LBHttpResponseHeaderRewriteAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to rewrite header fields of HTTP response messages to specified new values at HTTP_RESPONSE_REWRITE phase. One action can be used to rewrite one header field. To rewrite multiple header fields, multiple actions must be defined. Captured variables and built-in variables can be used in the header_value field, header_name field does not support variables.",
"extends": {
"$ref": "LBRuleAction
},
"id": "LBHttpResponseHeaderRewriteAction",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpResponseHeaderRewriteAction"
},
"properties": {
"header_name": {
"description": "Name of a header field of HTTP request message.",
"required": true,
"title": "Name of a header field of HTTP request message",
"type": "string"
},
"header_value": {
"description": "Value of header field",
"required": true,
"title": "Value of header field",
"type": "string"
},
"type": {
"$ref": "LBRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
}
},
"title": "Action to rewrite HTTP response header fields",
"type": "object"
}
LBHttpSslCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match SSL handshake and SSL connection at all phases.If multiple properties are configured, the rule is considered a match when all the configured properties are matched.",
"extends": {
"$ref": "LBRuleCondition
},
"id": "LBHttpSslCondition",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpSslCondition"
},
"properties": {
"client_certificate_issuer_dn": {
"$ref": "LBClientCertificateIssuerDnCondition,
"description": "The issuer DN match condition of the client certificate for an established SSL connection.",
"required": false,
"title": "The issuer DN match condition of the client certificate"
},
"client_certificate_subject_dn": {
"$ref": "LBClientCertificateSubjectDnCondition,
"description": "The subject DN match condition of the client certificate for an established SSL connection.",
"required": false,
"title": "The subject DN match condition of the client certificate"
},
"client_supported_ssl_ciphers": {
"description": "Cipher list which supported by client.",
"items": {
"$ref": "SslCipher
},
"required": false,
"title": "Cipher list which supported by client",
"type": "array"
},
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"session_reused": {
"$ref": "LbSslSessionReusedType,
"default": "IGNORE",
"description": "The type of SSL session reused.",
"required": false,
"title": "The type of SSL session reused"
},
"type": {
"$ref": "LBRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
},
"used_protocol": {
"$ref": "SslProtocol,
"description": "Protocol of an established SSL connection.",
"required": false,
"title": "Protocol of an established SSL connection"
},
"used_ssl_cipher": {
"$ref": "SslCipher,
"description": "Cipher used for an established SSL connection.",
"required": false,
"title": "Cipher used for an established SSL connection"
}
},
"title": "Condition to match SSL handshake and SSL connection",
"type": "object"
}
LBHttpsMonitorProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Active healthchecks are disabled by default and can be enabled for a server pool by binding a health monitor to the Group through the LBRule object. This represents active health monitoring over HTTPS. Active healthchecks are initiated periodically, at a configurable interval, to each member of the Group. Only if a healthcheck fails consecutively for a specified number of times (fall_count) to a member will the member status be marked DOWN. Once a member is DOWN, a specified number of consecutive successful healthchecks (rise_count) will bring the member back to UP state. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout. LBHttpsMonitorProfile is deprecated as NSX-T Load Balancer is deprecated.",
"extends": {
"$ref": "LBActiveMonitor
},
"id": "LBHttpsMonitorProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBHttpsMonitorProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"fall_count": {
"default": 3,
"description": "Only if a healthcheck fails consecutively for a specified number of times, given with fall_count, to a member will the member status be marked DOWN.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor fall count for active healthchecks",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"interval": {
"default": 5,
"description": "Active healthchecks are initiated periodically, at a configurable interval (in seconds), to each member of the Group.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor interval in seconds for active healthchecks",
"type": "integer"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"monitor_port": {
"description": "Typically, monitors perform healthchecks to Group members using the member IP address and pool_port. However, in some cases, customers prefer to run healthchecks against a different port than the pool member port which handles actual application traffic. In such cases, the port to run healthchecks against can be specified in the monitor_port value. For ICMP monitor, monitor_port is not required.",
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Monitor port for active healthchecks",
"type": "int"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"request_body": {
"description": "String to send as part of HTTP health check request body. Valid only for certain HTTP methods like POST.",
"required": false,
"title": "HTTP health check request body",
"type": "string"
},
"request_headers": {
"description": "Array of HTTP request headers.",
"items": {
"$ref": "LbHttpRequestHeader
},
"required": false,
"title": "Array of HTTP request headers",
"type": "array"
},
"request_method": {
"$ref": "HttpRequestMethodType,
"default": "GET",
"description": "The health check method for HTTP monitor type.",
"required": false,
"title": "The health check method for HTTP monitor type"
},
"request_url": {
"default": "/",
"description": "For HTTPS active healthchecks, the HTTPS request url sent can be customized and can include query parameters.",
"required": false,
"title": "Customized HTTPS request url for active health checks",
"type": "string"
},
"request_version": {
"$ref": "HttpRequestVersionType,
"default": "HTTP_VERSION_1_1",
"description": "HTTP request version.",
"required": false,
"title": "HTTP request version"
},
"resource_type": {
"$ref": "LBMonitorProfileType,
"required": true
},
"response_body": {
"description": "If HTTP response body match string (regular expressions not supported) is specified (using LBHttpMonitor.response_body) then the healthcheck HTTP response body is matched against the specified string and server is considered healthy only if there is a match. If the response body string is not specified, HTTP healthcheck is considered successful if the HTTP response status code is 2xx, but it can be configured to accept other status codes as successful.",
"required": false,
"title": "Response body to match",
"type": "string"
},
"response_status_codes": {
"description": "The HTTP response status code should be a valid HTTP status code.",
"items": {
"type": "int"
},
"maxItems": 64,
"required": false,
"title": "Array of single HTTP response status codes",
"type": "array"
},
"rise_count": {
"default": 3,
"description": "Once a member is DOWN, a specified number of consecutive successful healthchecks specified by rise_count will bring the member back to UP state.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor rise count for active healthchecks",
"type": "integer"
},
"server_ssl_profile_binding": {
"$ref": "LBServerSslProfileBinding,
"description": "The setting is used when the monitor acts as an SSL client and establishing a connection to the backend server.",
"required": false,
"title": "Pool side SSL binding setting"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"default": 5,
"description": "Timeout specified in seconds. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor timeout in seconds for active healthchecks",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "LBMonitorProfile for active health checks over HTTPS",
"type": "object"
}
LBIcmpMonitorProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Active healthchecks are disabled by default and can be enabled for a server pool by binding a health monitor to the Group through the LBRule object. This represents active health monitoring over ICMP. Active healthchecks are initiated periodically, at a configurable interval, to each member of the Group. Only if a healthcheck fails consecutively for a specified number of times (fall_count) to a member will the member status be marked DOWN. Once a member is DOWN, a specified number of consecutive successful healt hchecks (rise_count) will bring the member back to UP state. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout. LBIcmpMonitorProfile is deprecated as NSX-T Load Balancer is deprecated.",
"extends": {
"$ref": "LBActiveMonitor
},
"id": "LBIcmpMonitorProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBIcmpMonitorProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"data_length": {
"default": 56,
"maximum": 65507,
"minimum": 0,
"required": false,
"title": "The data size (in byte) of the ICMP healthcheck packet",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"fall_count": {
"default": 3,
"description": "Only if a healthcheck fails consecutively for a specified number of times, given with fall_count, to a member will the member status be marked DOWN.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor fall count for active healthchecks",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"interval": {
"default": 5,
"description": "Active healthchecks are initiated periodically, at a configurable interval (in seconds), to each member of the Group.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor interval in seconds for active healthchecks",
"type": "integer"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"monitor_port": {
"description": "Typically, monitors perform healthchecks to Group members using the member IP address and pool_port. However, in some cases, customers prefer to run healthchecks against a different port than the pool member port which handles actual application traffic. In such cases, the port to run healthchecks against can be specified in the monitor_port value. For ICMP monitor, monitor_port is not required.",
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Monitor port for active healthchecks",
"type": "int"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"$ref": "LBMonitorProfileType,
"required": true
},
"rise_count": {
"default": 3,
"description": "Once a member is DOWN, a specified number of consecutive successful healthchecks specified by rise_count will bring the member back to UP state.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor rise count for active healthchecks",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"default": 5,
"description": "Timeout specified in seconds. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor timeout in seconds for active healthchecks",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "LBMonitorProfile for active health checks over ICMP",
"type": "object"
}
LBIpHeaderCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match IP header fields of HTTP messages. Either source_address or group_id should be specified.",
"extends": {
"$ref": "LBRuleCondition
},
"id": "LBIpHeaderCondition",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBIpHeaderCondition"
},
"properties": {
"group_path": {
"description": "Source IP address of HTTP message should match IP addresses which are configured in Group in order to perform actions.",
"required": false,
"title": "Grouping object path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
}
]
},
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"source_address": {
"$ref": "IPElement,
"description": "Source IP address of HTTP message. IP Address can be expressed as a single IP address like 10.1.1.1, or a range of IP addresses like 10.1.1.101-10.1.1.160. Both IPv4 and IPv6 addresses are supported.",
"required": false,
"title": "Source IP address of HTTP message"
},
"type": {
"$ref": "LBRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
}
},
"title": "Condition to match IP header fields",
"type": "object"
}
LBJwtAuthAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to control access to backend server resources using JSON Web Token(JWT) authentication. The JWT authentication is done before any HTTP manipulation if the HTTP request matches the given condition in LBRule. Any verification failed, the HTTP process will be terminated, and HTTP response with 401 status code and WWW-Authentication header will be returned to client.",
"extends": {
"$ref": "LBRuleAction
},
"id": "LBJwtAuthAction",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBJwtAuthAction"
},
"properties": {
"key": {
"$ref": "LBJwtKey,
"descrption": "Keys are used for verifying the signature of JWT token. In current\nversion, only symmetric (HMAC SHA256) key and asymmetric (RS256) key\nare supported. It is optional, in case no key specified, the jwt\nsignature won't be verified.\n",
"required": false,
"title": "LBJwtKey used for verifying the signature of JWT token"
},
"pass_jwt_to_pool": {
"default": false,
"description": "Specify whether to pass the JWT to backend server or remove it. By default, it is false which means will not pass the JWT to backend servers.",
"required": false,
"title": "Whether to pass the JWT to backend server or remove it",
"type": "boolean"
},
"realm": {
"description": "A description of the protected area. If no realm is specified, clients often display a formatted hostname instead. The configured realm is returned when client request is rejected with 401 http status. In the response, it will be \"WWW-Authentication: Bearer realm=<realm>\".",
"required": false,
"title": "JWT realm",
"type": "string"
},
"tokens": {
"description": "JWT is an open standard that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. Load balancer will search for every specified tokens one by one for the jwt message until found. This parameter is optional. In case not found or this field is not configured, load balancer searches the Bearer header by default in the http request \"Authorization: Bearer <token>\".",
"items": {
"type": "string"
},
"required": false,
"title": "JWT tokens",
"type": "array"
},
"type": {
"$ref": "LBRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
}
},
"title": "Action to control access using JWT authentication",
"type": "object"
}
LBJwtCertificateKey (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "The key is used to specify certificate which is used to verify the signature of JWT tokens.",
"extends": {
"$ref": "LBJwtKey
},
"id": "LBJwtCertificateKey",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBJwtCertificateKey"
},
"properties": {
"certificate_path": {
"required": true,
"title": "Certificate identifier",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_TLS_CERTIFICATE_RELATIONSHIP",
"rightType": [
"TlsCertificate"
]
}
]
},
"type": {
"$ref": "LBJwtKeyType,
"description": "The property is used to identify JWT key type.",
"required": true,
"title": "Type of load balancer JWT key"
}
},
"title": "Specifies certificate used to verify the signature of JWT tokens",
"type": "object"
}
LBJwtKey (type) (Deprecated)
{
"abstract": true,
"additionalProperties": false,
"deprecated": true,
"description": "LBJwtKey specifies the symmetric key or asymmetric public key used to decrypt the data in JWT.",
"id": "LBJwtKey",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "type"
},
"properties": {
"type": {
"$ref": "LBJwtKeyType,
"description": "The property is used to identify JWT key type.",
"required": true,
"title": "Type of load balancer JWT key"
}
},
"title": "Load balancer JWT key",
"type": "object"
}
LBJwtKeyType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "It is used to identify JWT key type.",
"enum": [
"LBJwtCertificateKey",
"LBJwtSymmetricKey",
"LBJwtPublicKey"
],
"id": "LBJwtKeyType",
"module_id": "PolicyLoadBalancer",
"title": "Type of load balancer JWT key",
"type": "string"
}
LBJwtPublicKey (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "The key is used to specify the public key content which is used to verify the signature of JWT tokens.",
"extends": {
"$ref": "LBJwtKey
},
"id": "LBJwtPublicKey",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBJwtPublicKey"
},
"properties": {
"public_key_content": {
"required": true,
"title": "Content of public key",
"type": "string"
},
"type": {
"$ref": "LBJwtKeyType,
"description": "The property is used to identify JWT key type.",
"required": true,
"title": "Type of load balancer JWT key"
}
},
"title": "Specifies public key content used to verify the signature of JWT tokens",
"type": "object"
}
LBJwtSymmetricKey (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "The key is used to specify the symmetric key which is used to verify the signature of JWT tokens.",
"extends": {
"$ref": "LBJwtKey
},
"id": "LBJwtSymmetricKey",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBJwtSymmetricKey"
},
"properties": {
"type": {
"$ref": "LBJwtKeyType,
"description": "The property is used to identify JWT key type.",
"required": true,
"title": "Type of load balancer JWT key"
}
},
"title": "Specifies the symmetric key used to verify the signature of JWT tokens",
"type": "object"
}
LBMonitorProfile (type) (Deprecated)
{
"abstract": true,
"additionalProperties": false,
"deprecated": true,
"description": "The object is deprecated as NSX-T Load Balancer is deprecated.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "LBMonitorProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"$ref": "LBMonitorProfileType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"type": "object"
}
LBMonitorProfileType (type) (Deprecated)
{
"deprecated": true,
"description": "There are two types of healthchecks: active and passive. Passive healthchecks depend on failures in actual client traffic (e.g. RST from server in response to a client connection) to detect that the server or the application is down. In case of active healthchecks, load balancer itself initiates new connections (or sends ICMP ping) to the servers periodically to check their health, completely independent of any data traffic. Currently, active health monitors are supported for HTTP, HTTPS, TCP, UDP and ICMP protocols.",
"enum": [
"LBTcpMonitorProfile",
"LBUdpMonitorProfile",
"LBIcmpMonitorProfile",
"LBHttpMonitorProfile",
"LBHttpsMonitorProfile",
"LBPassiveMonitorProfile"
],
"id": "LBMonitorProfileType",
"module_id": "PolicyLoadBalancer",
"title": "Monitor type",
"type": "string"
}
LBPassiveMonitorProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "The passive type of LBMonitorProfile. LBPassiveMonitorProfile is deprecated as NSX-T Load Balancer is deprecated.",
"extends": {
"$ref": "LBMonitorProfile
},
"id": "LBPassiveMonitorProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBPassiveMonitorProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"max_fails": {
"default": 5,
"description": "When the consecutive failures reach this value, then the member is considered temporarily unavailable for a configurable period",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Number of consecutive connection failures",
"type": "integer"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"$ref": "LBMonitorProfileType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"default": 5,
"description": "After this timeout period, the member is tried again for a new connection to see if it is available.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Timeout in seconds before it is selected again for a new connection",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Base class for each type of active LBMonitorProfile",
"type": "object"
}
LBPersistenceCookieTime (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Persistence cookie time.",
"extends": {
"$ref": "LBCookieTime
},
"id": "LBPersistenceCookieTime",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBPersistenceCookieTime"
},
"properties": {
"cookie_max_idle": {
"description": "HTTP cookie max-age to expire cookie, only available for insert mode.",
"maximum": 2147483647,
"minimum": 1,
"required": true,
"title": "Persistence cookie max idle time in seconds",
"type": "integer"
},
"type": {
"$ref": "LBCookieTimeType,
"required": true
}
},
"title": "Persistence cookie time",
"type": "object"
}
LBPersistenceProfile (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Some applications maintain state and require all relevant connections to be sent to the same server as the application state is not synchronized among servers. Persistence is enabled on a LBVirtualServer by binding a persistence profile to it. LBGenericPersistenceProfile cannot be attached to LBVirtualServer directly, it can be specified in LBVariablePersistenceOnAction or LBVariablePersistenceLearnAction in LBRule. If a user attaches a LBGenericPersistenceProfile directly to a virtual server, the operation is rejected.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "LBPersistenceProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"persistence_shared": {
"default": false,
"description": "Persistence shared setting indicates that all LBVirtualServers that consume this LBPersistenceProfile should share the same persistence mechanism when enabled. Meaning, persistence entries of a client accessing one virtual server will also affect the same client's connections to a different virtual server. For example, say there are two virtual servers vip-ip1:80 and vip-ip1:8080 bound to the same Group g1 consisting of two servers (s11:80 and s12:80). By default, each virtual server will have its own persistence table or cookie. So, in the earlier example, there will be two tables (vip-ip1:80, p1) and (vip-ip1:8080, p1) or cookies. So, if a client connects to vip1:80 and later connects to vip1:8080, the second connection may be sent to a different server than the first. When persistence_shared is enabled, then the second connection will always connect to the same server as the original connection. For COOKIE persistence type, the same cookie will be shared by multiple virtual servers. For SOURCE_IP persistence type, the persistence table will be shared across virtual servers. For GENERIC persistence type, the persistence table will be shared across virtual servers which consume the same persistence profile in LBRule actions.",
"required": false,
"title": "Persistence shared across LBVirtualServers",
"type": "boolean"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The resource_type property identifies persistence profile type. LBCookiePersistenceProfile and LBGenericPersistenceProfile are deprecated as NSX-T Load Balancer is deprecated.",
"enum": [
"LBSourceIpPersistenceProfile",
"LBCookiePersistenceProfile",
"LBGenericPersistenceProfile"
],
"required": true,
"title": "Persistence profile type",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Contains the information related to load balancer persistence options",
"type": "object"
}
LBPool (type)
{
"additionalProperties": false,
"description": "Defining access of a Group from a LBVirtualServer and binding to LBMonitorProfile.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "LBPool",
"module_id": "PolicyLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"active_monitor_paths": {
"deprecated": true,
"description": "In case of active healthchecks, load balancer itself initiates new connections (or sends ICMP ping) to the servers periodically to check their health, completely independent of any data traffic. Active healthchecks are disabled by default and can be enabled for a server pool by binding a health monitor to the pool. If multiple active monitors are configured, the pool member status is UP only when the health check status for all the monitors are UP. The property is deprecated as NSX-T Load Balancer is deprecated.",
"items": {
"type": "string"
},
"required": false,
"title": "Active monitor path list",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"LBPool"
],
"relationshipType": "LB_POOL_LB_MONITOR_PROFILE_RELATIONSHIP",
"rightType": [
"LBMonitorProfile"
]
}
]
},
"algorithm": {
"default": "ROUND_ROBIN",
"description": "Load Balancing algorithm chooses a server for each new connection by going through the list of servers in the pool. Currently, following load balancing algorithms are supported with ROUND_ROBIN as the default. ROUND_ROBIN means that a server is selected in a round-robin fashion. The weight would be ignored even if it is configured. WEIGHTED_ROUND_ROBIN means that a server is selected in a weighted round-robin fashion. Default weight of 1 is used if weight is not configured. LEAST_CONNECTION means that a server is selected when it has the least number of connections. The weight would be ignored even if it is configured. Slow start would be enabled by default. WEIGHTED_LEAST_CONNECTION means that a server is selected in a weighted least connection fashion. Default weight of 1 is used if weight is not configured. Slow start would be enabled by default. IP_HASH means that consistent hash is performed on the source IP address of the incoming connection. This ensures that the same client IP address will always reach the same server as long as no server goes down or up. It may be used on the Internet to provide a best-effort stickiness to clients which refuse session cookies.",
"enum": [
"ROUND_ROBIN",
"WEIGHTED_ROUND_ROBIN",
"LEAST_CONNECTION",
"WEIGHTED_LEAST_CONNECTION",
"IP_HASH"
],
"required": false,
"title": "Load balancing algorithm",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"member_group": {
"$ref": "LBPoolMemberGroup,
"description": "Load balancer pool support grouping object as dynamic pool members. When member group is defined, members setting should not be specified.",
"required": false,
"title": "Load balancer member setting with grouping object"
},
"members": {
"description": "Server pool consists of one or more pool members. Each pool member is identified, typically, by an IP address and a port.",
"items": {
"$ref": "LBPoolMember
},
"required": false,
"title": "Load balancer pool members",
"type": "array"
},
"min_active_members": {
"default": 1,
"description": "A pool is considered active if there are at least certain minimum number of members.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Minimum number of active pool members to consider pool as active",
"type": "integer"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"passive_monitor_path": {
"deprecated": true,
"description": "Passive healthchecks are disabled by default and can be enabled by attaching a passive health monitor to a server pool. Each time a client connection to a pool member fails, its failed count is incremented. For pools bound to L7 virtual servers, a connection is considered to be failed and failed count is incremented if any TCP connection errors (e.g. TCP RST or failure to send data) or SSL handshake failures occur. For pools bound to L4 virtual servers, if no response is received to a TCP SYN sent to the pool member or if a TCP RST is received in response to a TCP SYN, then the pool member is considered to have failed and the failed count is incremented. The property is deprecated as NSX-T Load Balancer is deprecated.",
"required": false,
"title": "Passive monitor path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBPool"
],
"relationshipType": "LB_POOL_LB_MONITOR_PROFILE_RELATIONSHIP",
"rightType": [
"LBMonitorProfile"
]
}
]
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"snat_translation": {
"$ref": "LBSnatTranslation,
"description": "Depending on the topology, Source NAT (SNAT) may be required to ensure traffic from the server destined to the client is received by the load balancer. SNAT can be enabled per pool. If SNAT is not enabled for a pool, then load balancer uses the client IP and port (spoofing) while establishing connections to the servers. This is referred to as no-SNAT or TRANSPARENT mode. By default Source NAT is enabled as LBSnatAutoMap.",
"required": false,
"title": "Snat translation configuration"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_multiplexing_enabled": {
"default": false,
"deprecated": true,
"description": "TCP multiplexing allows the same TCP connection between load balancer and the backend server to be used for sending multiple client requests from different client TCP connections. The property is deprecated as NSX-T Load Balancer is deprecated.",
"required": false,
"title": "TCP multiplexing enable flag",
"type": "boolean"
},
"tcp_multiplexing_number": {
"default": 6,
"deprecated": true,
"description": "The maximum number of TCP connections per pool that are idly kept alive for sending future client requests. The property is deprecated as NSX-T Load Balancer is deprecated.",
"maximum": 2147483647,
"minimum": 0,
"required": false,
"title": "Maximum number of TCP connections for multiplexing",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Defining access a Group from a LBVirtualServer and binding to LBMonitorProfile",
"type": "object"
}
LBPoolMember (type)
{
"additionalProperties": false,
"description": "Pool member.",
"id": "LBPoolMember",
"module_id": "PolicyLoadBalancer",
"properties": {
"admin_state": {
"$ref": "PoolMemberAdminStateType,
"default": "ENABLED",
"description": "Member admin state.",
"required": false,
"title": "Member admin state"
},
"backup_member": {
"default": false,
"description": "Backup servers are typically configured with a sorry page indicating to the user that the application is currently unavailable. While the pool is active (a specified minimum number of pool members are active) BACKUP members are skipped during server selection. When the pool is inactive, incoming connections are sent to only the BACKUP member(s).",
"required": false,
"title": "Determine whether the pool member is for backup usage",
"type": "boolean"
},
"display_name": {
"description": "Pool member name.",
"required": false,
"title": "Pool member name",
"type": "string"
},
"ip_address": {
"$ref": "IPAddress,
"description": "Pool member IP address.",
"required": true,
"title": "Pool member IP address"
},
"max_concurrent_connections": {
"description": "To ensure members are not overloaded, connections to a member can be capped by the load balancer. When a member reaches this limit, it is skipped during server selection. If it is not specified, it means that connections are unlimited.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Maximum concurrent connection number",
"type": "integer"
},
"port": {
"$ref": "PortElement,
"description": "If port is specified, all connections will be sent to this port. Only single port is supported. If unset, the same port the client connected to will be used, it could be overrode by default_pool_member_port setting in virtual server. The port should not specified for port range case.",
"required": false,
"title": "Pool member port number"
},
"weight": {
"default": 1,
"description": "Pool member weight is used for WEIGHTED_ROUND_ROBIN balancing algorithm. The weight value would be ignored in other algorithms.",
"maximum": 256,
"minimum": 1,
"required": false,
"title": "Pool member weight",
"type": "integer"
}
},
"title": "Pool member",
"type": "object"
}
LBPoolMemberGroup (type)
{
"additionalProperties": false,
"description": "Pool member group.",
"id": "LBPoolMemberGroup",
"module_id": "PolicyLoadBalancer",
"properties": {
"customized_members": {
"description": "The list is used to show the customized pool member settings. User can only user pool member action API to update the admin state for a specific IP address.",
"items": {
"$ref": "PoolMemberSetting
},
"readonly": false,
"title": "List of customized pool member settings",
"type": "array"
},
"group_path": {
"description": "Load balancer pool support Group as dynamic pool members. The IP list of the Group would be used as pool member IP setting.",
"required": true,
"title": "Grouping object path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBPool"
],
"relationshipType": "LB_POOL_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
}
]
},
"ip_revision_filter": {
"default": "IPV4",
"description": "Ip revision filter is used to filter IPv4 or IPv6 addresses from the grouping object. If the filter is not specified, both IPv4 and IPv6 addresses would be used as server IPs. The link local and loopback addresses would be always filtered out.",
"enum": [
"IPV4",
"IPV6",
"IPV4_IPV6"
],
"required": false,
"title": "Filter of ipv4 or ipv6 address of grouping object IP list",
"type": "string"
},
"max_ip_list_size": {
"description": "The size is used to define the maximum number of grouping object IP address list. These IP addresses would be used as pool members. If the grouping object includes more than certain number of IP addresses, the redundant parts would be ignored and those IP addresses would not be treated as pool members. If the size is not specified, one member is budgeted for this dynamic pool so that the pool has at least one member even if some other dynamic pools grow beyond the capacity of load balancer service. Other members are picked according to available dynamic capacity. The unused members would be set to DISABLED so that the load balancer system itself is not overloaded during runtime.",
"maximum": 2147483647,
"minimum": 0,
"required": false,
"title": "Maximum number of grouping object IP address list",
"type": "integer"
},
"port": {
"description": "If port is specified, all connections will be sent to this port. If unset, the same port the client connected to will be used, it could be overridden by default_pool_member_ports setting in virtual server. The port should not specified for multiple ports case.",
"maximum": 65535,
"minimum": 1,
"required": false,
"title": "Pool member port for all IP addresses of the grouping object",
"type": "int"
}
},
"title": "Pool member group",
"type": "object"
}
LBRule (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Binding of a LBPool and Group to a LBVirtualServer used to route application traffic passing through load balancers. LBRule uses match conditions to match application traffic passing through a LBVirtualServer using HTTP or HTTPS. Can bind multiple LBVirtualServers to a Group. Each LBRule consists of two optional match conditions, each match contidion defines a criterion for application traffic. If no match conditions are specified, then the LBRule will always match and it is used typically to define default rules. If more than one match condition is specified, then matching strategy determines if all conditions should match or any one condition should match for the LBRule to be considered a match. A match indicates that the LBVirtualServer should route the request to the Group (parent of LBRule). LBRule is deprecated as NSX-T Load Balancer is deprecated.",
"id": "LBRule",
"module_id": "PolicyLoadBalancer",
"properties": {
"actions": {
"description": "A list of actions to be executed at specified phase when load balancer rule matches. The actions are used to manipulate application traffic, such as rewrite URI of HTTP messages, redirect HTTP messages, etc.",
"items": {
"$ref": "LBRuleAction
},
"maxItems": 60,
"required": true,
"title": "Actions to be executed",
"type": "array"
},
"display_name": {
"description": "A display name useful for identifying an LBRule.",
"required": false,
"title": "Display name for LBRule",
"type": "string"
},
"match_conditions": {
"description": "A list of match conditions used to match application traffic. Multiple match conditions can be specified in one load balancer rule, each match condition defines a criterion to match application traffic. If no match conditions are specified, then the load balancer rule will always match and it is used typically to define default rules. If more than one match condition is specified, then match strategy determines if all conditions should match or any one condition should match for the load balancer rule to considered a match.",
"items": {
"$ref": "LBRuleCondition
},
"maxItems": 60,
"required": false,
"title": "Conditions to match application traffic",
"type": "array"
},
"match_strategy": {
"default": "ANY",
"description": "If more than one match condition is specified, then matching strategy determines if all conditions should match or any one condition should match for the LB Rule to be considered a match. - ALL indicates that both host_match and path_match must match for this LBRule to be considered a match. - ANY indicates that either host_match or patch match may match for this LBRule to be considered a match.",
"enum": [
"ALL",
"ANY"
],
"required": false,
"title": "Match strategy for determining match of multiple conditions",
"type": "string"
},
"phase": {
"default": "HTTP_FORWARDING",
"description": "Each load balancer rule is used at a specific phase of load balancer processing. Currently five phases are supported, HTTP_REQUEST_REWRITE, HTTP_FORWARDING, HTTP_RESPONSE_REWRITE, HTTP_ACCESS and TRANSPORT. When an HTTP request message is received by load balancer, all HTTP_REQUEST_REWRITE rules, if present are executed in the order they are applied to virtual server. And then if HTTP_FORWARDING rules present, only first matching rule's action is executed, remaining rules are not checked. HTTP_FORWARDING rules can have only one action. If the request is forwarded to a backend server and the response goes back to load balancer, all HTTP_RESPONSE_REWRITE rules, if present, are executed in the order they are applied to the virtual server. In HTTP_ACCESS phase, user can define action to control access using JWT authentication. In TRANSPORT phase, user can define the condition to match SNI in TLS client hello and define the action to do SSL end-to-end, SSL offloading or SSL passthrough using a specific load balancer server pool.",
"enum": [
"HTTP_REQUEST_REWRITE",
"HTTP_FORWARDING",
"HTTP_RESPONSE_REWRITE",
"HTTP_ACCESS",
"TRANSPORT"
],
"required": false,
"title": "Load balancer processing phase",
"type": "string"
}
},
"title": "Binding of a LBPool and Group to a LBVirtualServer",
"type": "object"
}
LBRuleAction (type) (Deprecated)
{
"abstract": true,
"additionalProperties": false,
"deprecated": true,
"description": "Load balancer rule actions are used to manipulate application traffic. Currently load balancer rules can be used at three load balancer processing phases. Each phase has its own supported type of actions. Supported actions in HTTP_REQUST_REWRITE phase are: LBHttpRequestUriRewriteAction LBHttpRequestHeaderRewriteAction LBHttpRequestHeaderDeleteAction LBVariableAssignmentAction Supported actions in HTTP_FORWARDING phase are: LBHttpRejectAction LBHttpRedirectAction LBSelectPoolAction LBVariablePersistenceOnAction LBConnectionDropAction Supported action in HTTP_RESPONSE_REWRITE phase is: LBHttpResponseHeaderRewriteAction LBHttpResponseHeaderDeleteAction LBVariablePersistenceLearnAction Supported action in HTTP_ACCESS phase is: LBJwtAuthAction LBConnectionDropAction LBVariableAssignmentAction Supported action in TRANSPORT phase is: LBSslModeSelectionAction LBSelectPoolAction If the match type of an LBRuleCondition field is specified as REGEX and named capturing groups are used in the specified regular expression. The groups can be used as variables in LBRuleAction fields. For example, define a rule with LBHttpRequestUriCondition as match condition and LBHttpRequestUriRewriteAction as action. Set match_type field of LBHttpRequestUriCondition to REGEX, and set uri field to \"/news/(?<year>\\d+)/(?<month>\\d+)/(?<article>.*)\". Set uri field of LBHttpRequestUriRewriteAction to: \"/news/$year-$month/$article\" In uri field of LBHttpRequestUriCondition, the (?<year>\\d+), (?<month>\\d+) and (?<article>.*) are named capturing groups, they define variables named $year, $month and $article respectively. The defined variables are used in LBHttpRequestUriRewriteAction. For a matched HTTP request with URI \"/news/2017/06/xyz.html\", the substring \"2017\" is captured in variable $year, \"06\" is captured in variable $month, and \"xyz.html\" is captured in variable $article. The LBHttpRequestUriRewriteAction will rewrite the URI to: \"/news/2017-06/xyz.html\" A set of built-in variables can be used in LBRuleAction as well. The name of built-in variables start with underscore, the name of user defined variables is not allowed to start with underscore. Following are some of the built-in variables: $_scheme: Reference the scheme part of matched HTTP messages, could be \"http\" or \"https\". $_host: Host of matched HTTP messages, for example \"www.example.com\". $_server_port: Port part of URI, it is also the port of the server which accepted a request. Default port is 80 for http and 443 for https. $_uri: The URI path, for example \"/products/sample.html\". $_request_uri: Full original request URI with arguments, for example, \"/products/sample.html?a=b&c=d\". $_args: URI arguments, for instance \"a=b&c=d\" $_is_args: \"?\" if a request has URI arguments, or an empty string otherwise. For the full list of built-in variables, please reference the NSX-T Administrator's Guide.",
"id": "LBRuleAction",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "type"
},
"properties": {
"type": {
"$ref": "LBRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
}
},
"title": "Load balancer rule action",
"type": "object"
}
LBRuleActionType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Types of load balancer rule actions.",
"enum": [
"LBSelectPoolAction",
"LBHttpRequestUriRewriteAction",
"LBHttpRequestHeaderRewriteAction",
"LBHttpRejectAction",
"LBHttpRedirectAction",
"LBHttpResponseHeaderRewriteAction",
"LBHttpRequestHeaderDeleteAction",
"LBHttpResponseHeaderDeleteAction",
"LBVariableAssignmentAction",
"LBVariablePersistenceOnAction",
"LBVariablePersistenceLearnAction",
"LBJwtAuthAction",
"LBSslModeSelectionAction",
"LBConnectionDropAction"
],
"id": "LBRuleActionType",
"module_id": "PolicyLoadBalancer",
"title": "Types of load balancer rule actions",
"type": "string"
}
LBRuleCondition (type) (Deprecated)
{
"abstract": true,
"additionalProperties": false,
"deprecated": true,
"description": "Match conditions are used to match application traffic passing through load balancers. Multiple match conditions can be specified in one load balancer rule, each match condition defines a criterion for application traffic. If inverse field is set to true, the match result of the condition is inverted. If more than one match condition is specified, match strategy determines if all conditions should match or any one condition should match for the load balancer rule to be considered a match. Currently only HTTP messages are supported by load balancer rules. Each load balancer rule is used at a specific phase of load balancer processing. Currently three phases are supported, HTTP_REQUEST_REWRITE, HTTP_FORWARDING and HTTP_RESPONSE_REWRITE. Each phase supports certain types of match conditions, supported match conditions in HTTP_REQUEST_REWRITE phase are: LBHttpRequestMethodCondition LBHttpRequestUriCondition LBHttpRequestUriArgumentsCondition LBHttpRequestVersionCondition LBHttpRequestHeaderCondition LBHttpRequestCookieCondition LBHttpRequestBodyCondition LBTcpHeaderCondition LBIpHeaderCondition LBVariableCondition LBHttpSslCondition Supported match conditions in HTTP_FORWARDING phase are: LBHttpRequestMethodCondition LBHttpRequestUriCondition LBHttpRequestUriArgumentsCondition LBHttpRequestVersionCondition LBHttpRequestHeaderCondition LBHttpRequestCookieCondition LBHttpRequestBodyCondition LBTcpHeaderCondition LBIpHeaderCondition LBVariableCondition LBHttpSslCondition LBSslSniCondition Supported match conditions in HTTP_RESPONSE_REWRITE phase are: LBHttpResponseHeaderCondition LBHttpRequestMethodCondition LBHttpRequestUriCondition LBHttpRequestUriArgumentsCondition LBHttpRequestVersionCondition LBHttpRequestHeaderCondition LBHttpRequestCookieCondition LBTcpHeaderCondition LBIpHeaderCondition LBVariableCondition LBHttpSslCondition Supported match condition in HTTP_ACCESS phase is: LBHttpRequestMethodCondition LBHttpRequestUriCondition LBHttpRequestUriArgumentsCondition LBHttpRequestVersionCondition LBHttpRequestHeaderCondition LBHttpRequestCookieCondition LBHttpRequestBodyCondition LBTcpHeaderCondition LBIpHeaderCondition LBVariableCondition LBHttpSslCondition Supported match condition in TRANSPORT phase is: LBSslSniCondition",
"id": "LBRuleCondition",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "type"
},
"properties": {
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"type": {
"$ref": "LBRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
}
},
"title": "Match condition of load balancer rule",
"type": "object"
}
LBRuleConditionType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Type of load balancer rule match condition.",
"enum": [
"LBHttpRequestUriCondition",
"LBHttpRequestHeaderCondition",
"LBHttpRequestMethodCondition",
"LBHttpRequestUriArgumentsCondition",
"LBHttpRequestVersionCondition",
"LBHttpRequestCookieCondition",
"LBHttpRequestBodyCondition",
"LBHttpResponseHeaderCondition",
"LBTcpHeaderCondition",
"LBIpHeaderCondition",
"LBVariableCondition",
"LBHttpSslCondition",
"LBSslSniCondition"
],
"id": "LBRuleConditionType",
"module_id": "PolicyLoadBalancer",
"title": "Type of load balancer rule match condition",
"type": "string"
}
LBSelectPoolAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to select a pool for matched HTTP request messages. The pool is specified by path. The matched HTTP request messages are forwarded to the specified pool.",
"extends": {
"$ref": "LBRuleAction
},
"id": "LBSelectPoolAction",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBSelectPoolAction"
},
"properties": {
"pool_id": {
"description": "Path of load balancer pool.",
"required": true,
"title": "Path of load balancer pool",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_LB_POOL_RELATIONSHIP",
"rightType": [
"LBPool"
]
}
]
},
"type": {
"$ref": "LBRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
}
},
"title": "Action to select a pool for HTTP request messages",
"type": "object"
}
LBServerAuthType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Server authentication could be AUTO_APPLY, REQUIRED or IGNORE, it is used to specify if the server certificate presented to the load balancer during handshake should be actually validated or not. Validation is automatic by default when server_auth_ca_certificate_paths are configured and IGNORED when they are not configured. If validation is REQUIRED, then to be accepted, server certificate must be signed by one of the trusted CAs whose self signed certificates are specified in the same server-side SSL profile binding.",
"enum": [
"REQUIRED",
"IGNORE",
"AUTO_APPLY"
],
"id": "LBServerAuthType",
"module_id": "PolicyLoadBalancer",
"title": "server authentication mode",
"type": "string"
}
LBServerSslProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Server SSL profile. LBServerSslProfile is deprecated as NSX-T Load Balancer is deprecated.",
"extends": {
"$ref": "LBSslProfile
},
"id": "LBServerSslProfile",
"module_id": "PolicyLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"cipher_group_label": {
"$ref": "SslCipherGroup,
"description": "It is a label of cipher group which is mostly consumed by GUI.",
"required": false,
"title": "Label of cipher group"
},
"ciphers": {
"description": "Supported SSL cipher list to client side.",
"items": {
"$ref": "SslCipher
},
"required": false,
"title": "Supported SSL cipher list to client side",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_fips": {
"description": "This flag is set to true when all the ciphers and protocols are FIPS compliant. It is set to false when one of the ciphers or protocols are not FIPS compliant.",
"readonly": true,
"title": "FIPS compliance of ciphers and protocols",
"type": "boolean"
},
"is_secure": {
"description": "This flag is set to true when all the ciphers and protocols are secure. It is set to false when one of the ciphers or protocols is insecure.",
"readonly": true,
"title": "Secure/Insecure SSL profile flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"protocols": {
"description": "SSL versions TLS1.1 and TLS1.2 are supported and enabled by default. SSLv2, SSLv3, and TLS1.0 are supported, but disabled by default.",
"items": {
"$ref": "SslProtocol
},
"required": false,
"title": "Supported SSL protocol list to client side",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"session_cache_enabled": {
"default": true,
"description": "SSL session caching allows SSL client and server to reuse previously negotiated security parameters avoiding the expensive public key operation during handshake.",
"required": false,
"title": "Session cache enable/disable falg",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Server SSL profile",
"type": "object"
}
LBServerSslProfileBinding (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Server SSL profile binding. LBServerSslProfileBinding is deprecated as NSX-T Load Balancer is deprecated.",
"id": "LBServerSslProfileBinding",
"module_id": "PolicyLoadBalancer",
"properties": {
"certificate_chain_depth": {
"default": 3,
"description": "Authentication depth is used to set the verification depth in the server certificates chain.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "The maximum traversal depth of server certificate chain",
"type": "integer"
},
"client_certificate_path": {
"description": "To support client authentication (load balancer acting as a client authenticating to the backend server), client certificate can be specified in the server-side SSL profile binding",
"required": false,
"title": "Client certificate path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_TLS_CERTIFICATE_RELATIONSHIP",
"rightType": [
"TlsCertificate"
]
}
]
},
"server_auth": {
"$ref": "LBServerAuthType,
"default": "AUTO_APPLY",
"description": "Server authentication mode.",
"title": "Server authentication mode"
},
"server_auth_ca_paths": {
"description": "If server auth type is REQUIRED, server certificate must be signed by one of the trusted Certificate Authorities (CAs), also referred to as root CAs, whose self signed certificates are specified.",
"items": {
"type": "string"
},
"required": false,
"title": "CA path list to verify server certificate",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_TLS_CERTIFICATE_RELATIONSHIP",
"rightType": [
"TlsCertificate"
]
}
]
},
"server_auth_crl_paths": {
"description": "A Certificate Revocation List (CRL) can be specified in the server-side SSL profile binding to disallow compromised server certificates.",
"items": {
"type": "string"
},
"required": false,
"title": "CRL path list to verify server certificate",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_TLS_CRL_RELATIONSHIP",
"rightType": [
"TlsCrl"
]
}
]
},
"ssl_profile_path": {
"description": "Server SSL profile defines reusable, application-independent server side SSL properties.",
"required": false,
"title": "Server SSL profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_LB_SERVER_SSL_PROFILE_RELATIONSHIP",
"rightType": [
"LBServerSslProfile"
]
},
{
"leftType": [
"LBMonitorProfile"
],
"relationshipType": "LB_MONTOR_PROFILE_LB_SERVER_SSL_PROFILE_RELATIONSHIP",
"rightType": [
"LBServerSslProfile"
]
}
]
}
},
"title": "Server SSL profile binding",
"type": "object"
}
LBService (type)
{
"additionalProperties": false,
"description": "Loadbalancer Service.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "LBService",
"module_id": "PolicyLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"access_log_enabled": {
"deprecated": true,
"details": "This is a deprecated property, please use 'access_log_enabled' in\nLBVirtualServer. If both virtual server and load balancer service have\nthe setting, the setting in virtual server layer would override it and\ntake effect.\nIf access log is enabled, all HTTP requests sent to a L7 virtual server\nare logged to the access log file. L4 virtual server connections are\nnot currently logged to the access log.\n",
"required": false,
"title": "Flag to enable access log",
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"connectivity_path": {
"description": "LBS could be instantiated (or created) on the Tier-1, etc. For now, only the Tier-1 object is supported.",
"required": false,
"title": "The connectivity target used to instantiate the LBService",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBService"
],
"relationshipType": "LB_SERVICE_NETWORK_RELATIONSHIP",
"rightType": [
"Tier1"
]
},
{
"leftType": [
"LBService"
],
"relationshipType": "LB_SERVICE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
}
]
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "Flag to enable the load balancer service.",
"required": false,
"title": "Flag to enable the load balancer service",
"type": "boolean"
},
"error_log_level": {
"$ref": "LbLogLevel,
"default": "INFO",
"description": "Load balancer engine writes information about encountered issues of different severity levels to the error log. This setting is used to define the severity level of the error log.",
"required": false,
"title": "Error log level of load balancer service"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"relax_scale_validation": {
"default": false,
"deprecated": true,
"description": "If relax_scale_validation is true, the scale validations for virtual servers/pools/pool members/rules are relaxed for load balancer service. When load balancer service is deployed on edge nodes, the scale of virtual servers/pools/pool members for the load balancer service should not exceed the scale number of the largest load balancer size which could be configured on a certain edge form factor. For example, the largest load balancer size supported on a MEDIUM edge node is MEDIUM. So one SMALL load balancer deployed on MEDIUM edge nodes can support the scale number of MEDIUM load balancer. It is not recommended to enable active monitors if relax_scale_validation is true due to performance consideration. If relax_scale_validation is false, scale numbers should be validated for load balancer service. The property is deprecated as NSX-T Load Balancer is deprecated.",
"required": false,
"title": "Whether scale validation is relaxed",
"type": "boolean"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"size": {
"$ref": "LbServiceSize,
"default": "SMALL",
"description": "Load balancer service size. The load balancer service sizes, SMALL, MEDIUM, LARGE and XLARGE are all deprecated. Customers who are using this set of features are advised to migrate to NSX Advanced Load Balancer (Avi) which provides a superset of the NSX-T load balancing functionality.",
"required": false,
"title": "Load balancer service size"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Loadbalancer Service",
"type": "object"
}
LBSessionCookieTime (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Session cookie time.",
"extends": {
"$ref": "LBCookieTime
},
"id": "LBSessionCookieTime",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBSessionCookieTime"
},
"properties": {
"cookie_max_idle": {
"description": "Instead of using HTTP Cookie max-age and relying on client to expire the cookie, max idle time and/or max lifetime of the cookie can be used. Max idle time, if configured, specifies the maximum interval the cookie is valid for from the last time it was seen in a request. It is available for insert mode.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Session cookie max idle time in seconds",
"type": "integer"
},
"cookie_max_life": {
"description": "Max life time, if configured, specifies the maximum interval the cookie is valid for from the first time the cookie was seen in a request. It is available for insert mode.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Session cookie max lifetime in seconds",
"type": "integer"
},
"type": {
"$ref": "LBCookieTimeType,
"required": true
}
},
"title": "Session cookie time",
"type": "object"
}
LBSnatAutoMap (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Snat auto map.",
"extends": {
"$ref": "LBSnatTranslation
},
"id": "LBSnatAutoMap",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBSnatAutoMap"
},
"properties": {
"type": {
"$ref": "LBSnatTranslationType,
"description": "Snat translation type.",
"required": true,
"title": "Snat translation type"
}
},
"title": "Snat auto map",
"type": "object"
}
LBSnatDisabled (type)
{
"additionalProperties": false,
"description": "Snat disabled.",
"extends": {
"$ref": "LBSnatTranslation
},
"id": "LBSnatDisabled",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBSnatDisabled"
},
"properties": {
"type": {
"$ref": "LBSnatTranslationType,
"description": "Snat translation type.",
"required": true,
"title": "Snat translation type"
}
},
"title": "Snat disabled",
"type": "object"
}
LBSnatIpElement (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Snat Ip element.",
"id": "LBSnatIpElement",
"module_id": "PolicyLoadBalancer",
"properties": {
"ip_address": {
"$ref": "IPElement,
"description": "Ip address or ip range such as 1.1.1.1 or 1.1.1.101-1.1.1.160.",
"required": true,
"title": "Ip address or ip range"
},
"prefix_length": {
"description": "Subnet prefix length should be not specified if there is only one single IP address or IP range.",
"required": false,
"title": "Subnet prefix length",
"type": "integer"
}
},
"title": "Snat Ip element",
"type": "object"
}
LBSnatIpPool (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Snat Ip pool.",
"extends": {
"$ref": "LBSnatTranslation
},
"id": "LBSnatIpPool",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBSnatIpPool"
},
"properties": {
"ip_addresses": {
"description": "If an IP range is specified, the range may contain no more than 64 IP addresses.",
"items": {
"$ref": "LBSnatIpElement
},
"maxItems": 64,
"required": true,
"title": "List of Ip address or ip range",
"type": "array"
},
"type": {
"$ref": "LBSnatTranslationType,
"description": "Snat translation type.",
"required": true,
"title": "Snat translation type"
}
},
"title": "Snat Ip pool",
"type": "object"
}
LBSnatTranslation (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Snat Translation.",
"id": "LBSnatTranslation",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "type"
},
"properties": {
"type": {
"$ref": "LBSnatTranslationType,
"description": "Snat translation type.",
"required": true,
"title": "Snat translation type"
}
},
"title": "Snat Translation",
"type": "object"
}
LBSnatTranslationType (type)
{
"additionalProperties": false,
"description": "Load balancers may need to perform SNAT to ensure reverse traffic from the server can be received and processed by them. There are three modes: LBSnatAutoMap uses the load balancer interface IP and an ephemeral port as the source IP and port of the server side connection. LBSnatIpPool allows user to specify one or more IP addresses along with their subnet masks that should be used for SNAT while connecting to any of the servers in the pool. LBSnatDisabled disables Source NAT. This is referred to as no-SNAT or TRANSPARENT mode. LBSnatAutoMap and LBSnatIpPool are deprecated as NSX-T Load Balancer is deprecated.",
"enum": [
"LBSnatAutoMap",
"LBSnatIpPool",
"LBSnatDisabled"
],
"id": "LBSnatTranslationType",
"module_id": "PolicyLoadBalancer",
"title": "Snat translation type",
"type": "string"
}
LBSourceIpPersistenceProfile (type)
{
"additionalProperties": false,
"description": "Some applications maintain state and require all relevant connections to be sent to the same server as the application state is not synchronized among servers. Persistence is enabled on a LBVirtualServer by binding a persistence profile to it.",
"extends": {
"$ref": "LBPersistenceProfile
},
"id": "LBSourceIpPersistenceProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBSourceIpPersistenceProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"ha_persistence_mirroring_enabled": {
"default": false,
"deprecated": true,
"description": "Persistence entries are not synchronized to the HA peer by default. The property is deprecated as NSX-T Load Balancer is deprecated.",
"required": false,
"title": "Mirroring enabled flag to synchronize persistence entries",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"persistence_shared": {
"default": false,
"description": "Persistence shared setting indicates that all LBVirtualServers that consume this LBPersistenceProfile should share the same persistence mechanism when enabled. Meaning, persistence entries of a client accessing one virtual server will also affect the same client's connections to a different virtual server. For example, say there are two virtual servers vip-ip1:80 and vip-ip1:8080 bound to the same Group g1 consisting of two servers (s11:80 and s12:80). By default, each virtual server will have its own persistence table or cookie. So, in the earlier example, there will be two tables (vip-ip1:80, p1) and (vip-ip1:8080, p1) or cookies. So, if a client connects to vip1:80 and later connects to vip1:8080, the second connection may be sent to a different server than the first. When persistence_shared is enabled, then the second connection will always connect to the same server as the original connection. For COOKIE persistence type, the same cookie will be shared by multiple virtual servers. For SOURCE_IP persistence type, the persistence table will be shared across virtual servers. For GENERIC persistence type, the persistence table will be shared across virtual servers which consume the same persistence profile in LBRule actions.",
"required": false,
"title": "Persistence shared across LBVirtualServers",
"type": "boolean"
},
"purge": {
"$ref": "SourceIpPersistencePurge,
"default": "FULL",
"description": "Persistence purge setting.",
"required": false,
"title": "Persistence purge setting"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The resource_type property identifies persistence profile type. LBCookiePersistenceProfile and LBGenericPersistenceProfile are deprecated as NSX-T Load Balancer is deprecated.",
"enum": [
"LBSourceIpPersistenceProfile",
"LBCookiePersistenceProfile",
"LBGenericPersistenceProfile"
],
"required": true,
"title": "Persistence profile type",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"default": 300,
"description": "When all connections complete (reference count reaches 0), persistence entry timer is started with the expiration time.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Persistence entry expiration time in seconds",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "LBPersistenceProflie using SourceIP",
"type": "object"
}
LBSslModeSelectionAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to select SSL mode. Three types of SSL mode actions can be specified in Transport phase, ssl passthrough, ssl offloading and ssl end-to-end.",
"extends": {
"$ref": "LBRuleAction
},
"id": "LBSslModeSelectionAction",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBSslModeSelectionAction"
},
"properties": {
"ssl_mode": {
"description": "SSL Passthrough: LB establishes a TCP connection with client and another connection with selected backend server. LB won't inspect the stream data between client and backend server, but just pass it through. Backend server exchanges SSL connection with client. SSL Offloading: LB terminiates the connections from client, and establishes SSL connection with it. After receiving the HTTP request, LB connects the selected backend server and talk with it via HTTP without SSL. LB estalishes new connection to selected backend server for each HTTP request, in case server_keep_alive or multiplexing are NOT configured. SSL End-to-End: LB terminiates the connections from client, and establishes SSL connection with it. After receiving the HTTP request, LB connects the selected backend server and talk with it via HTTPS. LB estalishes new SSL connection to selected backend server for each HTTP request, in case server_keep_alive or multiplexing are NOT configured.",
"enum": [
"SSL_PASSTHROUGH",
"SSL_END_TO_END",
"SSL_OFFLOAD"
],
"required": true,
"title": "Type of SSL mode",
"type": "string"
},
"type": {
"$ref": "LBRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
}
},
"title": "Action to select SSL mode",
"type": "object"
}
LBSslProfile (type) (Deprecated)
{
"abstract": true,
"additionalProperties": false,
"deprecated": true,
"description": "Load balancer abstract SSL profile.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "LBSslProfile",
"module_id": "PolicyLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Load balancer abstract SSL profile",
"type": "object"
}
LBSslSniCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match SSL SNI in client hello. This condition is only supported in TRANSPORT phase and HTTP_FORWARDING.",
"extends": {
"$ref": "LBRuleCondition
},
"id": "LBSslSniCondition",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBSslSniCondition"
},
"properties": {
"case_sensitive": {
"default": true,
"description": "If true, case is significant when comparing SNI value.",
"required": false,
"title": "A case sensitive flag for SNI comparing",
"type": "boolean"
},
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"match_type": {
"$ref": "LbRuleMatchType,
"default": "REGEX",
"required": false,
"title": "Match type of SNI"
},
"sni": {
"description": "The SNI(Server Name indication) in client hello message.",
"required": true,
"title": "The server name indication",
"type": "string"
},
"type": {
"$ref": "LBRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
}
},
"title": "Condition to match SSL SNI in client hello",
"type": "object"
}
LBTcpHeaderCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match TCP header fields of HTTP messages. Currently, only the TCP source port is supported. Ports can be expressed as a single port number like 80, or a port range like 1024-1030.",
"extends": {
"$ref": "LBRuleCondition
},
"id": "LBTcpHeaderCondition",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBTcpHeaderCondition"
},
"properties": {
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"source_port": {
"$ref": "PortElement,
"required": true,
"title": "TCP source port of HTTP message"
},
"type": {
"$ref": "LBRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
}
},
"title": "Condition to match TCP header fields",
"type": "object"
}
LBTcpMonitorProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Active healthchecks are disabled by default and can be enabled for a server pool by binding a health monitor to the Group through the LBRule object. This represents active health monitoring over TCP. Active healthchecks are initiated periodically, at a configurable interval, to each member of the Group. Only if a healthcheck fails consecutively for a specified number of times (fall_count) to a member will the member status be marked DOWN. Once a member is DOWN, a specified number of consecutive successful healthchecks (rise_count) will bring the member back to UP state. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout. LBTcpMonitorProfile is deprecated as NSX-T Load Balancer is deprecated.",
"extends": {
"$ref": "LBActiveMonitor
},
"id": "LBTcpMonitorProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBTcpMonitorProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"fall_count": {
"default": 3,
"description": "Only if a healthcheck fails consecutively for a specified number of times, given with fall_count, to a member will the member status be marked DOWN.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor fall count for active healthchecks",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"interval": {
"default": 5,
"description": "Active healthchecks are initiated periodically, at a configurable interval (in seconds), to each member of the Group.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor interval in seconds for active healthchecks",
"type": "integer"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"monitor_port": {
"description": "Typically, monitors perform healthchecks to Group members using the member IP address and pool_port. However, in some cases, customers prefer to run healthchecks against a different port than the pool member port which handles actual application traffic. In such cases, the port to run healthchecks against can be specified in the monitor_port value. For ICMP monitor, monitor_port is not required.",
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Monitor port for active healthchecks",
"type": "int"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"receive": {
"description": "Expected data, if specified, can be anywhere in the response and it has to be a string, regular expressions are not supported.",
"required": false,
"title": "Expected data received from server",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"$ref": "LBMonitorProfileType,
"required": true
},
"rise_count": {
"default": 3,
"description": "Once a member is DOWN, a specified number of consecutive successful healthchecks specified by rise_count will bring the member back to UP state.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor rise count for active healthchecks",
"type": "integer"
},
"send": {
"description": "If both send and receive are not specified, then just a TCP connection is established (3-way handshake) to validate server is healthy, no data is sent.",
"required": false,
"title": "Data to send",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"default": 5,
"description": "Timeout specified in seconds. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor timeout in seconds for active healthchecks",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "LBMonitorProfile for active health checks over TCP",
"type": "object"
}
LBUdpMonitorProfile (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Active healthchecks are disabled by default and can be enabled for a server pool by binding a health monitor to the Group through the LBRule object. This represents active health monitoring over UDP. Active healthchecks are initiated periodically, at a configurable interval, to each member of the Group. Only if a healthcheck fails consecutively for a specified number of times (fall_count) to a member will the member status be marked DOWN. Once a member is DOWN, a specified number of consecutive successful healthchecks (rise_count) will bring the member back to UP state. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout. LBUdpMonitorProfile is deprecated as NSX-T Load Balancer is deprecated.",
"extends": {
"$ref": "LBActiveMonitor
},
"id": "LBUdpMonitorProfile",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBUdpMonitorProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"fall_count": {
"default": 3,
"description": "Only if a healthcheck fails consecutively for a specified number of times, given with fall_count, to a member will the member status be marked DOWN.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor fall count for active healthchecks",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"interval": {
"default": 5,
"description": "Active healthchecks are initiated periodically, at a configurable interval (in seconds), to each member of the Group.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor interval in seconds for active healthchecks",
"type": "integer"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"monitor_port": {
"description": "Typically, monitors perform healthchecks to Group members using the member IP address and pool_port. However, in some cases, customers prefer to run healthchecks against a different port than the pool member port which handles actual application traffic. In such cases, the port to run healthchecks against can be specified in the monitor_port value. For ICMP monitor, monitor_port is not required.",
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Monitor port for active healthchecks",
"type": "int"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"receive": {
"description": "Expected data, can be anywhere in the response and it has to be a string, regular expressions are not supported. UDP healthcheck is considered failed if there is no server response within the timeout period.",
"required": true,
"title": "Expected data received from server",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"$ref": "LBMonitorProfileType,
"required": true
},
"rise_count": {
"default": 3,
"description": "Once a member is DOWN, a specified number of consecutive successful healthchecks specified by rise_count will bring the member back to UP state.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor rise count for active healthchecks",
"type": "integer"
},
"send": {
"description": "The data to be sent to the monitored server.",
"required": true,
"title": "Data to send",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"default": 5,
"description": "Timeout specified in seconds. After a healthcheck is initiated, if it does not complete within a certain period, then also the healthcheck is considered to be unsuccessful. Completing a healthcheck within timeout means establishing a connection (TCP or SSL), if applicable, sending the request and receiving the response, all within the configured timeout.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Monitor timeout in seconds for active healthchecks",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "LBMonitorProfile for active health checks over UDP",
"type": "object"
}
LBVariableAssignmentAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is used to create a new variable and assign value to it. One action can be used to create one variable. To create multiple variables, multiple actions must be defined. The variables can be used by LBVariableCondition, etc.",
"extends": {
"$ref": "LBRuleAction
},
"id": "LBVariableAssignmentAction",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBVariableAssignmentAction"
},
"properties": {
"type": {
"$ref": "LBRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
},
"variable_name": {
"description": "Name of the variable to be assigned.",
"required": true,
"title": "Name of the variable to be assigned",
"type": "string"
},
"variable_value": {
"description": "Value of variable.",
"required": true,
"title": "Value of variable",
"type": "string"
}
},
"title": "Action to create variable and assign value to it",
"type": "object"
}
LBVariableCondition (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This condition is used to match variable's name and value at all phases. The variables could be captured from REGEX or assigned by LBVariableAssignmentAction or system embedded variable. Varialbe_name and variable_value should be matched at the same time.",
"extends": {
"$ref": "LBRuleCondition
},
"id": "LBVariableCondition",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBVariableCondition"
},
"properties": {
"case_sensitive": {
"default": true,
"description": "If true, case is significant when comparing variable value.",
"required": false,
"title": "A case sensitive flag for variable value comparing",
"type": "boolean"
},
"inverse": {
"default": false,
"required": false,
"title": "A flag to indicate whether reverse the match result of this condition",
"type": "boolean"
},
"match_type": {
"$ref": "LbRuleMatchType,
"default": "REGEX",
"required": false,
"title": "Match type of variable value"
},
"type": {
"$ref": "LBRuleConditionType,
"required": true,
"title": "Type of load balancer rule condition"
},
"variable_name": {
"required": true,
"title": "Name of the variable to be matched",
"type": "string"
},
"variable_value": {
"required": true,
"title": "Value of variable to be matched",
"type": "string"
}
},
"title": "Condition to match IP header fields",
"type": "object"
}
LBVariablePersistenceLearnAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is performed in HTTP response rewrite phase. It is used to learn the value of variable from the HTTP response, and insert an entry into the persistence table if the entry doesn't exist.",
"extends": {
"$ref": "LBRuleAction
},
"id": "LBVariablePersistenceLearnAction",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBVariablePersistenceLearnAction"
},
"properties": {
"persistence_profile_path": {
"description": "If the persistence profile path is not specified, a default persistence table is created per virtual server. Currently, only LBGenericPersistenceProfile is supported.",
"required": false,
"title": "Path to LBPersistenceProfile",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_LB_PERSISTENCE_PROFILE_RELATIONSHIP",
"rightType": [
"LBPersistenceProfile"
]
}
]
},
"type": {
"$ref": "LBRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
},
"variable_hash_enabled": {
"default": false,
"description": "The property is used to enable a hash operation for variable value when composing the persistence key.",
"required": false,
"title": "Whether to enable a hash operation for variable value",
"type": "boolean"
},
"variable_name": {
"description": "The property is the name of variable to be learnt. It is used to identify which variable's value is learnt from HTTP response. The variable can be a built-in variable such as \"_cookie_JSESSIONID\", a customized variable defined in LBVariableAssignmentAction or a captured variable in regular expression such as \"article\". For the full list of built-in variables, please reference the NSX-T Administrator's Guide.",
"required": true,
"title": "Variable name",
"type": "string"
}
},
"title": "Action to learn the variable value",
"type": "object"
}
LBVariablePersistenceOnAction (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "This action is performed in HTTP forwarding phase. It is used to inspect the variable of HTTP request, and look up the persistence entry with its value and pool uuid as key. If the persistence entry is found, the HTTP request is forwarded to the recorded backend server according to the persistence entry. If the persistence entry is not found, a new entry is created in the table after backend server is selected.",
"extends": {
"$ref": "LBRuleAction
},
"id": "LBVariablePersistenceOnAction",
"module_id": "PolicyLoadBalancer",
"polymorphic-type-descriptor": {
"type-identifier": "LBVariablePersistenceOnAction"
},
"properties": {
"persistence_profile_path": {
"description": "If the persistence profile path is not specified, a default persistence table is created per virtual server. Currently, only LBGenericPersistenceProfile is supported.",
"required": false,
"title": "Path to LBPersistenceProfile",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_LB_PERSISTENCE_PROFILE_RELATIONSHIP",
"rightType": [
"LBPersistenceProfile"
]
}
]
},
"type": {
"$ref": "LBRuleActionType,
"description": "The property identifies the load balancer rule action type.",
"required": true,
"title": "Type of load balancer rule action"
},
"variable_hash_enabled": {
"default": false,
"description": "The property is used to enable a hash operation for variable value when composing the persistence key.",
"required": false,
"title": "Whether to enable a hash operation for variable value",
"type": "boolean"
},
"variable_name": {
"description": "The property is the name of variable to be used. It specifies which variable's value of a HTTP Request will be used in the key of persistence entry. The variable can be a built-in variable such as \"_cookie_JSESSIONID\", a customized variable defined in LBVariableAssignmentAction or a captured variable in regular expression such as \"article\". For the full list of built-in variables, please reference the NSX-T Administrator's Guide.",
"required": true,
"title": "Variable name",
"type": "string"
}
},
"title": "Action to persist the variable value",
"type": "object"
}
LBVirtualServer (type)
{
"additionalProperties": false,
"description": "All the types of LBVirtualServer extend from this abstract class. This is present for extensibility.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "LBVirtualServer",
"module_id": "PolicyLoadBalancer",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"access_list_control": {
"$ref": "LBAccessListControl,
"description": "Specifies the access list control to define how to filter the connections from clients.",
"required": false,
"title": "IP access list control to filter the connections"
},
"access_log_enabled": {
"default": false,
"description": "If access log is enabled, all HTTP requests sent to L7 virtual server are logged to the access log file. Both successful returns information responses(1xx), successful responses(2xx), redirection messages(3xx) and unsuccessful requests, backend server returns 4xx or 5xx, are logged to access log, if enabled. All L4 virtual server connections are also logged to the access log if enabled. The non-significant events such as successful requests are not logged if log_significant_event_only is set to true.",
"required": false,
"title": "Access log enabled setting",
"type": "boolean"
},
"application_profile_path": {
"description": "The application profile defines the application protocol characteristics. It is used to influence how load balancing is performed. Currently, LBFastTCPProfile, LBFastUDPProfile and LBHttpProfile, etc are supported.",
"required": true,
"title": "Application profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_LB_APP_PROFILE_RELATIONSHIP",
"rightType": [
"LBAppProfile"
]
}
]
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"client_ssl_profile_binding": {
"$ref": "LBClientSslProfileBinding,
"deprecated": true,
"description": "The setting is used when load balancer acts as an SSL server and terminating the client SSL connection. The property is deprecated as NSX-T Load Balancer is deprecated.",
"required": false,
"title": "Virtual server side SSL binding setting"
},
"default_pool_member_ports": {
"description": "Default pool member ports when member port is not defined.",
"items": {
"$ref": "PortElement
},
"maxItems": 14,
"required": false,
"title": "Default pool member ports when member port is not defined.",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "Flag to enable the load balancer virtual server.",
"required": false,
"title": "whether the virtual server is enabled",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_address": {
"$ref": "IPAddress,
"description": "Configures the IP address of the LBVirtualServer where it receives all client connections and distributes them among the backend servers.",
"required": true,
"title": "IP address of the LBVirtualServer"
},
"lb_persistence_profile_path": {
"description": "Path to optional object that enables persistence on a virtual server allowing related client connections to be sent to the same backend server. Persistence is disabled by default.",
"required": false,
"title": "Persistence Profile used by LBVirtualServer",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_LB_PERSISTENCE_PROFILE_RELATIONSHIP",
"rightType": [
"LBPersistenceProfile"
]
}
]
},
"lb_service_path": {
"description": "virtual servers can be associated to LBService(which is similar to physical/virtual load balancer), LB virtual servers, pools and other entities could be defined independently, the LBService identifier list here would be used to maintain the relationship of LBService and other LB entities.",
"required": false,
"title": "Path to LBService object for LBVirtualServer",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_LB_SERVICE_RELATIONSHIP",
"rightType": [
"LBService"
]
}
]
},
"log_significant_event_only": {
"default": false,
"description": "The property log_significant_event_only can take effect only when access_log_enabled is true. If log_significant_event_only is true, significant events are logged in access log. For L4 virtual server, significant event means unsuccessful(error or dropped) TCP/UDP connections. For L7 virtual server, significant event means unsuccessful connections or HTTP/HTTPS requests which have error response code(e.g. 4xx, 5xx).",
"required": false,
"title": "Log only significant event in access log",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"max_concurrent_connections": {
"deprecated": true,
"description": "To ensure one virtual server does not over consume resources, affecting other applications hosted on the same LBS, connections to a virtual server can be capped. If it is not specified, it means that connections are unlimited. The property is deprecated as NSX-T Load Balancer is deprecated.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Maximum concurrent connection number",
"type": "integer"
},
"max_new_connection_rate": {
"deprecated": true,
"description": "To ensure one virtual server does not over consume resources, connections to a member can be rate limited. If it is not specified, it means that connection rate is unlimited. The property is deprecated as NSX-T Load Balancer is deprecated.",
"maximum": 2147483647,
"minimum": 1,
"required": false,
"title": "Maximum new connection rate in connections per second",
"type": "integer"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pool_path": {
"description": "The server pool(LBPool) contains backend servers. Server pool consists of one or more servers, also referred to as pool members, that are similarly configured and are running the same application.",
"required": false,
"title": "Default server pool path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_LB_POOL_RELATIONSHIP",
"rightType": [
"LBPool"
]
}
]
},
"ports": {
"description": "Ports contains a list of at least one port or port range such as \"80\", \"1234-1236\". Each port element in the list should be a single port or a single port range.",
"items": {
"$ref": "PortElement
},
"required": true,
"title": "Virtual server port number(s) or port range(s)",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rules": {
"deprecated": true,
"description": "Load balancer rules allow customization of load balancing behavior using match/action rules. Currently, load balancer rules are supported for only layer 7 virtual servers with LBHttpProfile. The property is deprecated as NSX-T Load Balancer is deprecated.",
"items": {
"$ref": "LBRule
},
"maxItems": 4000,
"required": false,
"title": "List of load balancer rules",
"type": "array"
},
"server_ssl_profile_binding": {
"$ref": "LBServerSslProfileBinding,
"deprecated": true,
"description": "The setting is used when load balancer acts as an SSL client and establishing a connection to the backend server. The property is deprecated as NSX-T Load Balancer is deprecated.",
"required": false,
"title": "Pool side SSL binding setting"
},
"sorry_pool_path": {
"deprecated": true,
"description": "When load balancer can not select a backend server to serve the request in default pool or pool in rules, the request would be served by sorry server pool. The property is deprecated as NSX-T Load Balancer is deprecated.",
"required": false,
"title": "Sorry server pool path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LBVirtualServer"
],
"relationshipType": "LB_VIRTUAL_SERVER_LB_POOL_RELATIONSHIP",
"rightType": [
"LBPool"
]
}
]
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Base class for each type of LBVirtualServer",
"type": "object"
}
LBXForwardedForType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "X-forwarded-for type.",
"enum": [
"INSERT",
"REPLACE"
],
"id": "LBXForwardedForType",
"module_id": "PolicyLoadBalancer",
"title": "X-forwarded-for type",
"type": "string"
}
Label (type)
{
"additionalProperties": false,
"description": "Label that will be displayed for a UI element.",
"id": "Label",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"condition": {
"description": "If the condition is met then the label will be applied. Examples of expression syntax are provided under example_request section of CreateWidgetConfiguration API.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"hover": {
"default": false,
"description": "If true, displays the label only on hover",
"title": "Show label only on hover",
"type": "boolean"
},
"icons": {
"description": "Icons to be applied at dashboard for the label",
"items": {
"$ref": "Icon
},
"minItems": 0,
"title": "Icons",
"type": "array"
},
"navigation": {
"description": "Hyperlink of the specified UI page that provides details.",
"maxLength": 1024,
"title": "Navigation to a specified UI page",
"type": "string"
},
"text": {
"description": "Text to be displayed at the label.",
"maxLength": 255,
"required": true,
"title": "Label text",
"type": "string"
}
},
"title": "Label",
"type": "object"
}
LabelValueConfiguration (type)
{
"additionalProperties": false,
"description": "Represents a Label-Value widget configuration",
"extends": {
"$ref": "WidgetConfiguration
},
"id": "LabelValueConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "LabelValueConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"feature_set": {
"$ref": "FeatureSet,
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"layout": {
"$ref": "Layout,
"description": "Layout of properties can be vertical or grid. If layout is not specified a default vertical layout is applied.",
"title": "Layout of properties inside widget"
},
"legend": {
"$ref": "Legend,
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"navigation": {
"description": "Hyperlink of the specified UI page that provides details.",
"maxLength": 1024,
"title": "Navigation to a specified UI page",
"type": "string"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"properties": {
"description": "An array of label-value properties.",
"items": {
"$ref": "PropertyItem
},
"required": true,
"title": "Rows",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"sub_type": {
"description": "A sub-type of LabelValueConfiguration. If sub-type is not specified the parent type is rendered. For VERTICALLY_ALIGNED sub_type, the value is placed below the label. For HORIZONTALLY_ALIGNED sub_type, the value is placed right hand side of the label.",
"enum": [
"VERTICALLY_ALIGNED",
"HORIZONTALLY_ALIGNED"
],
"title": "Sub-type of the LabelValueConfiguration",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
}
},
"title": "Label Value Dashboard Widget Configuration",
"type": "object"
}
LacpGroupConfigInfo (type)
{
"additionalProperties": false,
"id": "LacpGroupConfigInfo",
"module_id": "InventoryCmInvComm",
"properties": {
"key": {
"description": "The key represents the identifier for the group that is unique across VC.",
"readonly": false,
"required": false,
"title": "The generated key as the identifier for the group",
"type": "string"
},
"load_balance_algorithm": {
"description": "Load balance algorithm used in LACP group. The possible values are dictated by the values available in VC. Please refer VMwareDvsLacpLoadBalanceAlgorithm documentation for a full list of values. A few examples are srcDestIp where source and destination IP are considered, srcIp where only source IP is considered.",
"readonly": false,
"required": false,
"title": "Load balance policy",
"type": "string"
},
"mode": {
"description": "The mode of LACP can be ACTIVE or PASSIVE. If the mode is ACTIVE, LACP is enabled unconditionally. If the mode is PASSIVE, LACP is enabled only if LACP device is detected.",
"enum": [
"ACTIVE",
"PASSIVE"
],
"readonly": false,
"required": false,
"title": "The mode of Link Aggregation Control Protocol (LACP)",
"type": "string"
},
"name": {
"description": "The display name of the LACP group.",
"readonly": false,
"required": false,
"title": "The display name",
"type": "string"
},
"timeout_type": {
"default": "SLOW",
"description": "To set the lag mode as fast for LACP. By default, it will be slow.",
"enum": [
"FAST",
"SLOW"
],
"readonly": false,
"required": false,
"title": "LACP timeout mode",
"type": "string"
},
"uplink_names": {
"description": "Names for the uplink ports in the group.",
"items": {
"type": "string"
},
"readonly": false,
"required": false,
"title": "Uplink names",
"type": "array"
},
"uplink_num": {
"readonly": false,
"required": false,
"title": "The number of uplink ports",
"type": "integer"
},
"uplink_port_keys": {
"description": "Keys for the uplink ports in the group. Each uplink port is assigned a key that is unique across VC.",
"items": {
"type": "string"
},
"readonly": false,
"required": false,
"title": "Keys for the uplink ports",
"type": "array"
}
},
"type": "object"
}
Layout (type)
{
"additionalProperties": false,
"description": "Represents layout of a container or widget",
"id": "Layout",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"properties": {
"$ref": "LayoutProperties
},
"type": {
"default": "HORIZONTAL",
"description": "Describes layout of a container or widget. Layout describes how individual widgets are placed inside the container. For example, if HORIZONTAL is chosen widgets are placed side by side inside the container. If VERTICAL is chosen then widgets are placed one below the other. If GRID is chosen then the container or widget display area is divided into a grid of m rows and n columns, as specified in the properties, and the widgets are placed inside the grid. If AUTO is chosen then container or widgets display area will be automatically calculated depending upon the required width.",
"enum": [
"HORIZONTAL",
"VERTICAL",
"GRID",
"AUTO"
],
"title": "Type of layout of a container or widget",
"type": "string"
}
},
"title": "Layout of a container or widget",
"type": "object"
}
LayoutProperties (type)
{
"additionalProperties": false,
"description": "Properties of the layout of a container or widget",
"id": "LayoutProperties",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"num_columns": {
"description": "Describes the number of columns of grid layout of a container or widget. This property is applicable for grid layout only.",
"title": "Number of columns of grid",
"type": "int"
},
"num_rows": {
"description": "Describes the number of rows of grid layout of a container or widget. This property is applicable for grid layout only.",
"title": "Number of rows of grid",
"type": "int"
}
},
"title": "Layout properties of a container or widget",
"type": "object"
}
LbHttpRequestHeader (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"id": "LbHttpRequestHeader",
"module_id": "LoadBalancer",
"properties": {
"header_name": {
"required": true,
"title": "Name of HTTP request header",
"type": "string"
},
"header_value": {
"required": true,
"title": "Value of HTTP request header",
"type": "string"
}
},
"type": "object"
}
LbLogLevel (type)
{
"additionalProperties": false,
"enum": [
"DEBUG",
"INFO",
"WARNING",
"ERROR",
"CRITICAL",
"ALERT",
"EMERGENCY"
],
"id": "LbLogLevel",
"module_id": "LoadBalancer",
"title": "the log level of load balancer service",
"type": "string"
}
LbRuleMatchType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "LbRuleMatchType is used to determine how a specified string value is used to match a specified LbRuleCondition field. STARTS_WITH: If the LbRuleCondition field starts with specified string, the condition matches. The fields with this match type are specified as strings, not regular expressions. ENDS_WITH: If the LbRuleCondition field ends with specified string, the condition matches. The fields with this match type are specified as strings, not regular expressions. EQUALS: If the LbRuleCondition field is same as the specified string, the condition matches. The fields with this match type are specified as strings, not regular expressions. CONTAINS: If the LbRuleCondition field contains the specified string, the condition matches. The fields with this match type are specified as strings, not regular expressions. REGEX: If the LbRuleCondition field matches specified regular expression, the condition matches. The regular expressions in load balancer rules use the features common to both Java regular expressions and Perl Compatible Regular Expressions (PCREs) with some restrictions. Reference http://www.pcre.org for PCRE and the NSX-T Administrator's Guide for the restrictions. If named capturing groups are used in the regular expression, when a match succeeds, the substrings of the subject string that match named capturing groups are stored (captured) in variables with specific names which can be used in the fields of LbRuleAction which support variables. Named capturing group are defined in the format (?<name>subpattern), such as (?<year>\\d{4}). For example, in the regular expression: \"/news/(?<year>\\d+)/(?<month>\\d+)/(?<article>.*)\", for subject string \"/news/2017/06/xyz.html\", the substring \"2017\" is captured in variable year, \"06\" is captured in variable month, and \"xyz.html\" is captured in variable article. These variables can be used in LbRuleAction fields which support variables in form of $name, such as $year, $month, $article. Please note, when regular expressions are used in JSON(JavaScript Object Notation) string, every backslash character (\\) needs to be escaped by one additional backslash character.",
"enum": [
"STARTS_WITH",
"ENDS_WITH",
"EQUALS",
"CONTAINS",
"REGEX"
],
"id": "LbRuleMatchType",
"module_id": "LoadBalancer",
"title": "Match type for LbRule conditions",
"type": "string"
}
LbServiceSize (type)
{
"additionalProperties": false,
"description": "The size of load balancer service can be, SMALL, MEDIUM, LARGE, XLARGE, or DLB. The first four sizes are realized on Edge node as a centralized load balancer. DLB is realized on each ESXi hypervisor as a distributed load balancer. DLB is supported for k8s cluster IPs managed by vSphere with Kubernetes. DLB is NOT supported for any other workload types. The load balancer service sizes, SMALL, MEDIUM, LARGE and XLARGE are all deprecated. Customers who are using this set of features are advised to migrate to NSX Advanced Load Balancer (Avi) which provides a superset of the NSX-T load balancing functionality.",
"enum": [
"SMALL",
"MEDIUM",
"LARGE",
"XLARGE",
"DLB"
],
"id": "LbServiceSize",
"module_id": "LoadBalancer",
"title": "the size of load balancer service",
"type": "string"
}
LbSslSessionReusedType (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"enum": [
"IGNORE",
"REUSED",
"NEW"
],
"id": "LbSslSessionReusedType",
"module_id": "LoadBalancer",
"title": "Type of SSL session reused",
"type": "string"
}
LdapIdentitySource (type)
{
"abstract": true,
"description": "This is the base type for all identity sources that use LDAP for authentication and group membership.",
"extends": {
"$ref": "ManagedResource
},
"id": "LdapIdentitySource",
"module_id": "LdapIdentitySources",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alternative_domain_names": {
"description": "After parsing the \"user@domain\", the domain portion is used to select the LDAP identity source to use. Additional domains listed here will also be directed to this LDAP identity source. In Active Directory these are sometimes referred to as Alternative UPN Suffixes.",
"items": {
"type": "string"
},
"title": "Additional domains to be directed to this identity source",
"type": "array"
},
"base_dn": {
"description": "The subtree of the LDAP identity source to search when locating users and groups.",
"required": true,
"title": "DN of subtree for user and group searches",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"domain_name": {
"description": "The name of the authentication domain. When users log into NSX using an identity of the form \"user@domain\", NSX uses the domain portion to determine which LDAP identity source to use.",
"required": true,
"title": "Authentication domain name",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ldap_servers": {
"description": "The list of LDAP servers that provide LDAP service for this identity source. Currently, only one LDAP server is supported.",
"items": {
"$ref": "IdentitySourceLdapServer
},
"maxItems": 3,
"title": "LDAP servers for this identity source",
"type": "array"
},
"resource_type": {
"enum": [
"ActiveDirectoryIdentitySource",
"OpenLdapIdentitySource"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "An LDAP identity source",
"type": "object"
}
LdapIdentitySourceListResult (type)
{
"description": "The results of listing LDAP identity sources.",
"extends": {
"$ref": "ListResult
},
"id": "LdapIdentitySourceListResult",
"module_id": "LdapIdentitySources",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LdapIdentitySource
},
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List results containing LDAP identity sources",
"type": "object"
}
LdapIdentitySourceProbeResults (type)
{
"description": "Results from probing all LDAP servers in an LDAP identity source configuration.",
"extends": {
"$ref": "Resource
},
"id": "LdapIdentitySourceProbeResults",
"module_id": "LdapIdentitySources",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"results": {
"description": "Probe results for all probed LDAP servers.",
"items": {
"$ref": "IdentitySourceLdapServerProbeResult
},
"title": "Probe results",
"type": "array"
}
},
"title": "Results from probing all LDAP servers",
"type": "object"
}
LdapIdentitySourceSearchRequestParameters (type)
{
"additionalProperties": false,
"description": "To search for a user or group in an LDAP identity source, provide a filter_value. The directory will be searched for users and groups that match the search string. User searches: For Active Directory sources, the directory will be searched for users whose commonName (CN) property contains the given string and for users whose samAccountName property contains the given string. For OpenLDAP sources, the directory will be searched for users whose commonName (CN) property contains the given string and for users whose uid property contains the given string. Group searches: For both Active Directory and OpenLDAP sources, the directory will be searched for groups whose commonName (CN) property contains the the given string. The LDAP server may impose a limit on the number of returned entries.",
"id": "LdapIdentitySourceSearchRequestParameters",
"module_id": "LdapIdentitySources",
"properties": {
"filter_value": {
"description": "A string to use when searching for users and groups in the LDAP identity source.",
"required": true,
"title": "Search filter value",
"type": "string"
}
},
"title": "Arguments for searching users and groups",
"type": "object"
}
LdapIdentitySourceSearchResultItem (type)
{
"id": "LdapIdentitySourceSearchResultItem",
"module_id": "LdapIdentitySources",
"properties": {
"common_name": {
"description": "The Common Name (CN) of the entry, if available.",
"title": "Common Name (CN) of entry",
"type": "string"
},
"dn": {
"description": "Distinguished name (DN) of the entry.",
"title": "DN of the entry",
"type": "string"
},
"principal_name": {
"description": "For Active Directory (AD) users, this will be the user principal name (UPN), in the format user@domain. For non-AD users, this will be the user's uid property, followed by \"@\" and the domain of the directory. For groups, this will be the group's common name, followed by \"@\" and the domain of the directory.",
"title": "The principal name of the user or group, if available",
"type": "string"
},
"type": {
"description": "Describes the type of the entry",
"enum": [
"USER",
"GROUP"
],
"title": "Type of the entry",
"type": "string"
}
},
"type": "object"
}
LdapIdentitySourceSearchResultList (type)
{
"description": "A list of LDAP entries returned from a search of an LDAP identity source.",
"extends": {
"$ref": "Resource
},
"id": "LdapIdentitySourceSearchResultList",
"module_id": "LdapIdentitySources",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"results": {
"items": {
"$ref": "LdapIdentitySourceSearchResultItem
},
"type": "array"
}
},
"title": "A list of LDAP search results",
"type": "object"
}
LdapProbeError (type)
{
"description": "Detail about one error encountered during a probe.",
"id": "LdapProbeError",
"module_id": "LdapIdentitySources",
"properties": {
"error_type": {
"description": "The cause of the error. BASE_DN_NOT_FOUND: The configured base DN does not exist on the LDAP server or is not readable. BIND_DN_AND_PASSWORD_REQUIRED: This server is configured to require a bind DN and password. Please add these to your LDAP server configuration. BIND_DN_INVALID: The bind DN or username provided is not valid on the LDAP server. Check that the bind DN is correct. This error may also indicate that the base DN in your configuration is incorrect. CERTIFICATE_HOSTNAME_MISMATCH_ERROR: The hostname configured for the LDAP server does not match the hostname in the server's certificate subject or alternative subject names. Be sure that the hostname you configure in NSX Manager matches one of those names. CERTIFICATE_MISMATCH_ERROR: The certificate presented by the LDAP server did not match the certificate in the configuration on the NSX Manager. CONNECTION_REFUSED: The connection was refused when contacting the LDAP server. Ensure that the LDAP server is running and that you are using the correct ip/hostname. CONNECTION_TIMEOUT: The connection timed out when contacting the LDAP server. Check the hostname/ip and any firewalls between the NSX Manager and the LDAP server. GENERAL_ERROR: An undetermined error occurred. INVALID_CONFIGURED_CERTIFICATE: The certificate configured for this LDAP server is invalid and could not be decoded. Check that the PEM-formatted certificate you provided is correct. INVALID_CREDENTIALS: The username and/or password are incorrect. SSL_HANDSHAKE_ERROR: An error occurred while establishing a secure connection with the LDAP server. Check that the LDAP server's certificate is correct, and that it is using an SSL/TLS cipher suite that is compatible with the NSX Manager. This error can also occur if the hostname you have configured for the LDAP server does not match any of the hostnames in the Subject Alternative Name records in the server certificate. STARTTLS_FAILED: Unable to use StartTLS to upgrade the connection to use TLS. Ensure that the LDAP server supports TLS and if not, use LDAP or LDAPS as the protocol. UNKNOWN_HOST: The hostname of the LDAP server could not be resolved. NO_ROUTE_TO_HOST: There is no network route to the host. BIND_EXCEPTION: A socket to the remote host could not be opened. PORT_UNREACHABLE: The LDAP port is not open on the remote host. BASE_DN_NOT_WITHIN_DOMAIN: For Active Directory, the base DN is not a subtree of the Domain Component tree corresponding to the LDAP domain. For example, if the domain is \"example.com\", the baseDN should be \"dc=example, dc=com\" or a subtree like \"ou=Users,dc=example,dc=com\". LDAP_SERVER_DISABLED: The LDAP server is marked as disabled in the NSX configuration and will not be used.",
"enum": [
"BASE_DN_NOT_FOUND",
"BIND_DN_AND_PASSWORD_REQUIRED",
"BIND_DN_INVALID",
"CERTIFICATE_HOSTNAME_MISMATCH_ERROR",
"CERTIFICATE_MISMATCH_ERROR",
"CONNECTION_REFUSED",
"CONNECTION_TIMEOUT",
"GENERAL_ERROR",
"INVALID_CONFIGURED_CERTIFICATE",
"INVALID_CREDENTIALS",
"SSL_HANDSHAKE_ERROR",
"STARTTLS_FAILED",
"UNKNOWN_HOST",
"NO_ROUTE_TO_HOST",
"BIND_EXCEPTION",
"PORT_UNREACHABLE",
"BASE_DN_NOT_WITHIN_DOMAIN",
"LDAP_SERVER_DISABLED"
],
"title": "Error type",
"type": "string"
}
},
"title": "Error detail from probe",
"type": "object"
}
Legend (type)
{
"additionalProperties": false,
"description": "Represents legend that describes the entities of the widget.",
"id": "Legend",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"alignment": {
"default": "VERTICAL",
"description": "Describes the alignment of legend. Alignment of a legend denotes how individual items of the legend are aligned in a container. For example, if VERTICAL is chosen then the items of the legend will appear one below the other and if HORIZONTAL is chosen then the items will appear side by side.",
"enum": [
"HORIZONTAL",
"VERTICAL"
],
"title": "Alignment of the legend",
"type": "string"
},
"display_count": {
"default": true,
"description": "If set to true, it will display the counts in legend. If set to false, counts of entities are not displayed in the legend.",
"title": "Show count of entities in the legend",
"type": "boolean"
},
"display_mode": {
"default": "SHOW_ALL_LEGENDS",
"description": "Display mode for legends.",
"enum": [
"SHOW_ALL_LEGENDS",
"SHOW_MIN_NO_OF_LEGENDS",
"SHOW_OTHER_GROUP_WITH_LEGENDS"
],
"title": "Display mode for legends.",
"type": "string"
},
"filterable": {
"default": false,
"description": "Show checkbox along with legends if value is set to true. Widget filtering capability can be enable based on legend checkbox selection. for 'display_mode' SHOW_OTHER_GROUP_WITH_LEGENDS filterable property is not supported.",
"title": "Show checkbox along with legends if value is set to true",
"type": "boolean"
},
"min_legends_display_count": {
"default": 3,
"description": "A minimum number of legends to be displayed upfront. if 'display_mode' is set to SHOW_MIN_NO_OF_LEGENDS then this property value will be used to display number of legends upfront in the UI.",
"maximum": 12,
"minimum": 1,
"title": "A minimum number of legends to be displayed.",
"type": "int"
},
"other_group_legend_label": {
"default": "WIDGET_LABEL_OTHER_LEGEND_LABEL",
"description": "A translated label for showing other category label in legends.",
"title": "A label for showing other category in legends.",
"type": "string"
},
"position": {
"default": "RIGHT",
"description": "Describes the relative placement of legend. The legend of a widget can be placed either to the TOP or BOTTOM or LEFT or RIGHT relative to the widget. For example, if RIGHT is chosen then legend is placed to the right of the widget.",
"enum": [
"TOP",
"BOTTOM",
"LEFT",
"RIGHT",
"TOP_RIGHT"
],
"title": "Placement of legend",
"type": "string"
},
"type": {
"default": "CIRCLE",
"description": "Describes the render type for the legend. The legend for an entity describes the entity in the widget. The supported legend type is a circle against which the entity's details such as display_name are shown. The color of the circle denotes the color of the entity shown inside the widget.",
"enum": [
"CIRCLE"
],
"title": "Type of the legend",
"type": "string"
},
"unit": {
"description": "Show unit of entities in the legend.",
"title": "Show unit of entities in the legend",
"type": "string"
}
},
"title": "Legend for the widget",
"type": "object"
}
LegendWidgetConfiguration (type)
{
"additionalProperties": false,
"description": "Represents configuration for Legend widget. For this widget the data source is not applicable. This widget can be use to add the Legend inside the dashboard container.",
"extends": {
"$ref": "WidgetConfiguration
},
"id": "LegendWidgetConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "LegendWidgetConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"feature_set": {
"$ref": "FeatureSet,
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"layout": {
"$ref": "Legend,
"description": "Defines the layout for the legend widget",
"required": true,
"title": "A layout for legend widget."
},
"legend": {
"$ref": "Legend,
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"source_widget_id": {
"description": "Id of source widget, if any. Id should be a valid id of an existing widget. This property can be used to identify the source of the data for this legend widget.",
"maxLength": 255,
"required": true,
"title": "Id of source widget for this legend widget",
"type": "string"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
}
},
"title": "Legend widget Configuration",
"type": "object"
}
LineChartPlotConfiguration (type)
{
"additionalProperties": false,
"description": "A line chart plotting configuration.",
"extends": {
"$ref": "WidgetPlotConfiguration
},
"id": "LineChartPlotConfiguration",
"module_id": "NsxDashboard",
"properties": {
"allow_maximize": {
"description": "Allow maximize capability for this widget",
"title": "Allow maximize capability for this widget",
"type": "boolean"
},
"condition": {
"description": "If the condition is met then the given chart config is applied to the widget configuration.",
"maxLength": 1024,
"title": "Expression for evaluating condition for this chart config",
"type": "string"
},
"fill_gradient_area": {
"description": "Fill the line chart area with a gradient series color.",
"title": "Fill the line chart area with a gradient series color.",
"type": "boolean"
},
"num_of_series_to_display": {
"description": "Specifies the number of series to be displayed in a line chart. If no value is provided all the series will be displayed.",
"maximum": 16,
"minimum": 1,
"title": "A number of series to be displayed upfront.",
"type": "int"
},
"show_curved_lines": {
"default": true,
"description": "Used for displaying the curved lines for a series in a line chart. By default, straight line is used to for a series in a line chart.",
"title": "Show curved lines for series",
"type": "boolean"
},
"show_data_in_tooltip": {
"default": false,
"description": "Show the data in tooltip.",
"title": "Show data in tooltip.",
"type": "boolean"
},
"show_data_points": {
"default": true,
"description": "Controls the visiblity of the data points on the line chart. If value is set to false data points wont be high- lighted on the lines.",
"title": "Show the Data point highlighting in line chart",
"type": "boolean"
},
"show_grid_lines": {
"default": true,
"description": "Controls the visiblity of the grid lines in line chart.",
"title": "Show grid lines",
"type": "boolean"
},
"show_grouped_tooltip": {
"default": false,
"description": "Controls the visiblity of the grouped tooltip in a line chart across all series.",
"title": "Derives to show the grouped tooltip",
"type": "boolean"
},
"show_min_max_on_series": {
"default": false,
"description": "Controls the visiblity of the min and max value across line series in line chart.",
"title": "Show min and max value on line series",
"type": "boolean"
},
"show_unit_in_tooltip": {
"default": false,
"description": "Show the data unit in tooltip.",
"title": "Show data unit in tooltip.",
"type": "boolean"
},
"sort_data_in_grouped_tooltip": {
"default": false,
"description": "Sort the data in grouped tooltip.",
"title": "Sort the data in grouped tooltip",
"type": "boolean"
},
"sort_series": {
"default": false,
"description": "Specifies whether the series should be sorted by the latest data point.",
"title": "Perform sorting on series using the latest data point",
"type": "boolean"
}
},
"title": "A line chart plotting configuration",
"type": "object"
}
ListByNodeIdParameters (type)
{
"extends": {
"$ref": "ListWithDataSourceParameters
},
"id": "ListByNodeIdParameters",
"module_id": "AggSvcL2Types",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
},
"transport_node_id": {
"required": false,
"title": "TransportNode Id",
"type": "string"
}
},
"type": "object"
}
ListByOptionalTransportNodeParameters (type)
{
"extends": {
"$ref": "ListRequestParameters
},
"id": "ListByOptionalTransportNodeParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"edge_path": {
"required": false,
"title": "Transport node",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ListCertParameter (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "ListCertParameter",
"module_id": "CertificateManager",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"details": {
"default": false,
"required": false,
"title": "whether to expand the pem data and show all its details",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"type": {
"description": "Provide this parameter to limit the list of returned certificates to those matching a particular usage. Passing cluster_certificate will return the certificate used for the cluster wide API service.",
"enum": [
"cluster_api_certificate"
],
"required": false,
"title": "Type of certificate to return",
"type": "string"
}
},
"type": "object"
}
ListRequestParameters (type)
{
"additionalProperties": {},
"extends": {
"$ref": "IncludedFieldsParameters
},
"id": "ListRequestParameters",
"module_id": "Common",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ListResult (type)
{
"abstract": true,
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "ListResult",
"module_id": "Common",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Base class for list results from collections",
"type": "object"
}
ListResultQueryParameters (type)
{
"id": "ListResultQueryParameters",
"module_id": "Common",
"properties": {
"fields": {
"description": "Comma-separated field names to include in query result",
"title": "Fields to include in query results",
"type": "string"
}
},
"title": "Parameters that affect how list results are processed",
"type": "object"
}
ListWithDataSourceParameters (type)
{
"extends": {
"$ref": "ListRequestParameters
},
"id": "ListWithDataSourceParameters",
"module_id": "Types",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
}
},
"type": "object"
}
LiveTraceConfig (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "LiveTraceConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"actions": {
"$ref": "PolicyLiveTraceActionConfig,
"description": "Configuration of actions on the filtered packets.",
"required": true,
"title": "Livetrace actions"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"filter": {
"$ref": "LiveTraceFilterData,
"description": "Filter for flows of interest.",
"required": false,
"title": "Packet filter"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_transient": {
"default": true,
"description": "This field indicates whether the intent is transient. If it is set to true, intent will be cleaned up after 1 hour of inactivity.",
"required": false,
"title": "Marker to indicate if the intent is transient",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"src_port_path": {
"description": "Policy path of logical port to start a livetrace session.",
"required": true,
"title": "Policy path of logical port",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"default": 10,
"description": "The duration for observing live traffic on the specified source logical port.",
"maximum": 300,
"minimum": 5,
"required": false,
"title": "Timeout in seconds for livetrace session",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Livetrace configuration",
"type": "object"
}
LiveTraceFilterData (type)
{
"abstract": true,
"id": "LiveTraceFilterData",
"module_id": "LiveTrace",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"default": "FieldsFilterData",
"enum": [
"FieldsFilterData",
"PlainFilterData"
],
"required": true,
"title": "Filter type",
"type": "string"
}
},
"type": "object"
}
LiveTracePacketGranularActionConfig (type)
{
"additionalProperties": false,
"id": "LiveTracePacketGranularActionConfig",
"module_id": "PolicyConnectivity",
"properties": {
"dest_port_path": {
"description": "Policy path of logical port for the reverse direction of a livetrace session. It is required only when the trace type is bidirectional. Multiple bi-directional actions in a livetrace session should have the same port specified for the reverse direction.",
"required": false,
"title": "Policy path of logical port",
"type": "string"
},
"reverse_filter": {
"$ref": "LiveTraceFilterData,
"description": "Filter for flows of interest at the reverse direction. It takes effect only when the trace type is bidirectional. Multiple bi-directional actions in a livetrace session should have the same filter specified for the reverse direction.",
"required": false,
"title": "Packet filter"
},
"sampling": {
"$ref": "LiveTraceSamplingConfig,
"description": "Sampling parameter for the action. Trace action and packet capture action only support first-N sampling.",
"required": true,
"title": "Sampling parameter for the action"
},
"trace_type": {
"enum": [
"UNI_DIRECTIONAL",
"BI_DIRECTIONAL"
],
"required": true,
"title": "Type of trace",
"type": "string"
}
},
"title": "Configuration of livetrace packet granular action",
"type": "object"
}
LiveTraceSamplingConfig (type)
{
"additionalProperties": false,
"id": "LiveTraceSamplingConfig",
"module_id": "PolicyConnectivity",
"properties": {
"match_number": {
"description": "First N packets are sampled. The upper limits of sampling number for trace and packet capture actions are 50 and 500, respectively.",
"maximum": 500,
"minimum": 1,
"required": false,
"title": "Parameter for first-N sampling.",
"type": "integer"
},
"sampling_interval": {
"description": "A packet is sampled for every given time interval in ms.",
"maximum": 30000,
"minimum": 1,
"required": false,
"title": "Parameter for interval based sampling",
"type": "integer"
},
"sampling_rate": {
"description": "1 out of N packets is sampled on average.",
"maximum": 65535,
"minimum": 1,
"required": false,
"title": "Parameter for packet number based sampling",
"type": "integer"
}
},
"title": "Sampling parameter for a livetrace action",
"type": "object"
}
LocalEgress (type)
{
"additionalProperties": false,
"description": "Local Egress is used on both server and client sites so that the gateway is used for N-S traffic and overhead on L2VPN tunnel is reduced.",
"id": "LocalEgress",
"module_id": "PolicyConnectivity",
"properties": {
"optimized_ips": {
"description": "Gateway IP for Local Egress. Local egress is enabled only when this list is not empty.",
"items": {
"$ref": "IPAddress
},
"maxItems": 1,
"minItems": 1,
"title": "Gateway IP for Local Egress",
"type": "array"
}
},
"title": "Local Egress",
"type": "object"
}
LocalEgressRoutingEntry (type)
{
"additionalProperties": false,
"id": "LocalEgressRoutingEntry",
"module_id": "PolicyConnectivity",
"properties": {
"nexthop_address": {
"description": "Next hop address for proximity routing.",
"required": true,
"title": "Next hop address",
"type": "string"
},
"prefix_list_paths": {
"description": "The destination address of traffic matching a prefix-list is forwarded to the nexthop_address. Traffic matching a prefix list with Action DENY will be dropped. Individual prefix-lists specified could have different actions.",
"items": {
"type": "string"
},
"maxItems": 1,
"required": true,
"title": "Policy path to prefix lists",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Segment"
],
"relationshipType": "SEGMENT_PREFIX_LIST_RELATIONSHIP",
"rightType": [
"PrefixList"
]
}
]
}
},
"title": "Local egress routing policy",
"type": "object"
}
LocalSiteConfiguration (type)
{
"additionalProperties": false,
"description": "Local site with federation id and epoch.",
"id": "LocalSiteConfiguration",
"module_id": "SiteManagerModule",
"properties": {
"epoch": {
"required": true,
"title": "Epoch",
"type": "integer"
},
"id": {
"required": true,
"title": "Federation id",
"type": "string"
},
"site": {
"$ref": "FederationSite,
"required": true,
"title": "Site"
}
},
"title": "Local site information",
"type": "object"
}
LocaleServices (type)
{
"additionalProperties": false,
"description": "Site specific configuration of Tier0 in multi-site scenario",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "LocaleServices",
"module_id": "PolicyConnectivity",
"policy_hierarchical_children": [
"ChildTier1Interface"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"bfd_profile_path": {
"description": "This profile is applied to all static route peers in this locale. BFD profile configured on static route peers takes precedence over global configuration. If this field is empty, a default profile is applied to all peers.",
"required": false,
"title": "Policy path of BFD profile",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"LocaleServices"
],
"relationshipType": "NESTED_SERVICE_RELATIONSHIP",
"rightType": [
"BfdProfile"
]
}
]
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"edge_cluster_path": {
"description": "The reference to the edge cluster using the policy path of the edge cluster. Auto assigned on Tier0 if the associated enforcement point has only one edge cluster. For Tier1 ACTIVE-ACTIVE, edge cluster can not be removed and Edge Cluster will be defaulted to edge cluster from connected Tier0.",
"required": false,
"title": "Edge cluster path",
"type": "string"
},
"ha_vip_configs": {
"description": "This configuration can be defined only for Active-Standby Tier0 gateway to provide redundancy. For mulitple external interfaces, multiple HA VIP configs must be defined and each config will pair exactly two external interfaces. The VIP will move and will always be owned by the Active node. When this property is configured, configuration of dynamic-routing is not allowed.",
"items": {
"$ref": "Tier0HaVipConfig
},
"title": "Array of HA VIP Config.",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"preferred_edge_paths": {
"description": "Policy paths to edge nodes. For Tier1 gateway, the field is used to statically assign the ordered list of up to two edge nodes for stateful services. To enable auto allocation of nodes from the specified edge cluster the field must be left unset. The auto allocation of nodes is supported only for the Tier1 gateway. For Tier0 gateway specified edge is used as a preferred edge node when failover mode is set to PREEMPTIVE, not applicable otherwise.",
"items": {
"type": "string"
},
"maxItems": 2,
"required": false,
"title": "Edge node path",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"route_redistribution_config": {
"$ref": "Tier0RouteRedistributionConfig,
"description": "Configure all route redistribution properties like enable/disable redistributon, redistribution rule and so on.",
"required": false,
"title": "Route Redistribution configuration"
},
"route_redistribution_types": {
"deprecated": true,
"description": "Enable redistribution of different types of routes on Tier-0. This property is only valid for locale-service under Tier-0. This property is deprecated, please use \"route_redistribution_config\" property to configure redistribution rules.",
"items": {
"$ref": "Tier0RouteRedistributionTypes
},
"required": false,
"title": "Enable redistribution of different types of routes on Tier-0",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"search_dsl_name": [
"gateway configuration"
],
"title": "Locale-services configuration",
"type": "object"
}
LocaleServicesListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "LocaleServicesListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "LocaleServices
},
"required": true,
"title": "LocaleServices results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of LocaleServices",
"type": "object"
}
LoggingServiceProperties (type)
{
"additionalProperties": false,
"id": "LoggingServiceProperties",
"properties": {
"logging_level": {
"enum": [
"OFF",
"FATAL",
"ERROR",
"WARN",
"INFO",
"DEBUG",
"TRACE"
],
"required": true,
"title": "Service logging level",
"type": "string"
},
"modified_package_logging_levels": {
"required": false,
"title": "Modified package logging levels",
"type": "string"
},
"package_logging_level": {
"items": {
"$ref": "PackageLoggingLevels
},
"title": "Package logging levels",
"type": "array"
}
},
"title": "Service properties",
"type": "object"
}
LogicalPortOperationalStatus (type)
{
"id": "LogicalPortOperationalStatus",
"module_id": "AggSvcLogicalPort",
"properties": {
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"logical_port_id": {
"readonly": true,
"required": true,
"title": "The id of the logical port",
"type": "string"
},
"status": {
"enum": [
"UP",
"DOWN",
"UNKNOWN"
],
"required": true,
"title": "The Operational status of the logical port",
"type": "string"
}
},
"type": "object"
}
LogicalPortStatistics (type)
{
"extends": {
"$ref": "AggregatedDataCounterEx
},
"id": "LogicalPortStatistics",
"module_id": "AggSvcLogicalPort",
"properties": {
"dropped_by_security_packets": {
"$ref": "PacketsDroppedBySecurity,
"readonly": true,
"required": false
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"logical_port_id": {
"readonly": true,
"required": true,
"title": "The id of the logical port",
"type": "string"
},
"mac_learning": {
"$ref": "MacLearningCounters,
"readonly": true,
"required": false
},
"rx_bytes": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"rx_packets": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"tx_bytes": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"tx_packets": {
"$ref": "DataCounter,
"readonly": true,
"required": false
}
},
"type": "object"
}
LogicalRouterPortCounters (type)
{
"id": "LogicalRouterPortCounters",
"module_id": "AggSvcLogicalRouterPort",
"properties": {
"blocked_packets": {
"description": "The total number of packets blocked.",
"required": false,
"title": "The number of blocked packets",
"type": "integer"
},
"dad_dropped_packets": {
"description": "Number of duplicate address detected packets dropped.",
"required": false,
"title": "The number of duplicate address detected packets dropped",
"type": "integer"
},
"destination_unsupported_dropped_packets": {
"description": "Number of packtes dropped as destination is not supported.",
"required": false,
"title": "The number of destination unsupported packets dropped",
"type": "integer"
},
"dropped_packets": {
"description": "The total number of packets dropped.",
"required": false,
"title": "The number of dropped packets",
"type": "integer"
},
"firewall_dropped_packets": {
"description": "Number of firewall packets dropped.",
"required": false,
"title": "The number of firewall packets dropped",
"type": "integer"
},
"frag_needed_dropped_packets": {
"description": "Number of fragmentation needed packets dropped.",
"required": false,
"title": "The number of fragmentation needed packets dropped",
"type": "integer"
},
"ipsec_dropped_packets": {
"description": "Number of IPSec packets dropped",
"required": false,
"title": "The number of IPSec packets dropped",
"type": "integer"
},
"ipsec_no_sa_dropped_packets": {
"description": "Number of IPSec no security association packets dropped.",
"required": false,
"title": "The number of IPSec no security association packets dropped",
"type": "integer"
},
"ipsec_no_vti_dropped_packets": {
"description": "Number of IPSec packets dropped as no VTI is present.",
"required": false,
"title": "The number of IPSec no VTI packets dropped",
"type": "integer"
},
"ipsec_pol_block_dropped_packets": {
"description": "Number of IPSec policy block packets dropped.",
"required": false,
"title": "The number of IPSec policy block packets dropped",
"type": "integer"
},
"ipsec_pol_err_dropped_packets": {
"description": "Number of IPSec policy error packets dropped.",
"required": false,
"title": "The number of IPSec policy error packets dropped",
"type": "integer"
},
"ipv6_dropped_packets": {
"description": "Number of IPV6 packets dropped.",
"required": false,
"title": "The number of IPV6 packets dropped",
"type": "integer"
},
"kni_dropped_packets": {
"description": "Number of DPDK kernal NIC interface packets dropped.",
"required": false,
"title": "The number of kernal NIC interface packets dropped",
"type": "integer"
},
"l4port_unsupported_dropped_packets": {
"description": "Number of packets dropped due to unsupported L4 port.",
"required": false,
"title": "The number of L4 port unsupported packets dropped",
"type": "integer"
},
"malformed_dropped_packets": {
"description": "Number of packtes dropped as they are malformed.",
"required": false,
"title": "The number of malformed packets dropped",
"type": "integer"
},
"no_arp_dropped_packets": {
"description": "Number of no ARP packets dropped.",
"required": false,
"title": "The number of no ARP packets dropped",
"type": "integer"
},
"no_linked_dropped_packets": {
"description": "Number of packets dropped as no linked ports are present.",
"required": false,
"title": "The number of no linked packets dropped",
"type": "integer"
},
"no_mem_dropped_packets": {
"description": "Number of packets dropped due to insufficient memory.",
"required": false,
"title": "The number of no memory packets dropped",
"type": "integer"
},
"no_receiver_dropped_packets": {
"description": "Number of packets dropped due to absence of receiver.",
"required": false,
"title": "The number of no receiver packets dropped",
"type": "integer"
},
"no_route_dropped_packets": {
"desrciption": "Number of packets dropped due to absence of routes.",
"required": false,
"title": "The number of no route packets dropped",
"type": "integer"
},
"non_ip_dropped_packets": {
"description": "Number of non IP packets dropped.",
"required": false,
"title": "The number of non IP packets dropped",
"type": "integer"
},
"proto_unsupported_dropped_packets": {
"description": "Number of packets dropped as protocol is unsupported.",
"required": false,
"title": "The number of protocol unsupported packets dropped",
"type": "integer"
},
"redirect_dropped_packets": {
"description": "Number of redirect packets dropped.",
"required": false,
"title": "The number of redirect packets dropped",
"type": "integer"
},
"rpf_check_dropped_packets": {
"description": "Number of reverse-path forwarding check packets dropped.",
"required": false,
"title": "The number of reverse-path forwarding check packets dropped",
"type": "integer"
},
"service_insert_dropped_packets": {
"description": "Number of service insert packets dropped.",
"required": false,
"title": "The number of service insert packets dropped",
"type": "integer"
},
"total_bytes": {
"description": "The total number of bytes transferred.",
"required": false,
"title": "The total number of bytes",
"type": "integer"
},
"total_packets": {
"description": "The total number of packets transferred.",
"required": false,
"title": "The total number of packets",
"type": "integer"
},
"ttl_exceeded_dropped_packets": {
"description": "Number of time to live exceeded packets dropped.",
"required": false,
"title": "The number of time to live exceeded packets dropped",
"type": "integer"
}
},
"type": "object"
}
LogicalRouterPortStatistics (type)
{
"id": "LogicalRouterPortStatistics",
"module_id": "AggSvcLogicalRouterPort",
"properties": {
"logical_router_port_id": {
"required": true,
"title": "The ID of the logical router port",
"type": "string"
},
"per_node_statistics": {
"additionalProperties": false,
"items": {
"$ref": "LogicalRouterPortStatisticsPerNode
},
"readonly": true,
"required": false,
"title": "Per Node Statistics",
"type": "array"
}
},
"type": "object"
}
LogicalRouterPortStatisticsPerNode (type)
{
"extends": {
"$ref": "AggregatedLogicalRouterPortCounters
},
"id": "LogicalRouterPortStatisticsPerNode",
"module_id": "AggSvcLogicalRouterPort",
"properties": {
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Timestamp when the data was last updated; unset if data source has never updated the data."
},
"rx": {
"$ref": "LogicalRouterPortCounters,
"readonly": true,
"required": false
},
"transport_node_id": {
"readonly": true,
"required": true,
"title": "The ID of the TransportNode",
"type": "string"
},
"tx": {
"$ref": "LogicalRouterPortCounters,
"readonly": true,
"required": false
}
},
"type": "object"
}
LogicalRouterPortStatisticsSummary (type)
{
"extends": {
"$ref": "AggregatedLogicalRouterPortCounters
},
"id": "LogicalRouterPortStatisticsSummary",
"module_id": "AggSvcLogicalRouterPort",
"properties": {
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Timestamp when the data was last updated; unset if data source has never updated the data."
},
"logical_router_port_id": {
"required": true,
"title": "The ID of the logical router port",
"type": "string"
},
"rx": {
"$ref": "LogicalRouterPortCounters,
"readonly": true,
"required": false
},
"tx": {
"$ref": "LogicalRouterPortCounters,
"readonly": true,
"required": false
}
},
"type": "object"
}
LogicalRouterState (type)
{
"description": "This holds the state of Logical Router. If there are errors in realizing LR outside of MP, it gives details of the components and specific errors.",
"extends": {
"$ref": "EdgeConfigurationState
},
"id": "LogicalRouterState",
"module_id": "LogicalRouter",
"properties": {
"details": {
"items": {
"$ref": "ConfigurationStateElement
},
"readonly": true,
"required": false,
"title": "Array of configuration state of various sub systems",
"type": "array"
},
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"pending_change_list": {
"description": "Request identifier of the API which modified the entity.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of pending changes",
"type": "array"
},
"state": {
"description": "Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. \"in_sync\" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to \"success\". Please note, failed state is deprecated.",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error",
"in_sync",
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"EDGE_CONFIG_ERROR",
"VM_DEPLOYMENT_RESTARTED",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"TRANSPORT_NODE_READY",
"VM_NETWORK_EDIT_PENDING",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"REGISTRATION_TIMEDOUT",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"VM_RESOURCE_RESERVATION_FAILED",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"DELETE_IN_PROGRESS"
],
"readonly": true,
"required": true,
"title": "Overall state of desired configuration",
"type": "string"
}
},
"title": "Realization State of Logical Router.",
"type": "object"
}
LogicalRouterStatus (type)
{
"additionalProperties": false,
"id": "LogicalRouterStatus",
"module_id": "AggSvcLogicalRouter",
"properties": {
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Timestamp when the data was last updated; unset if data source has never updated the data."
},
"locale_operation_mode": {
"description": "Egress mode for the logical router at given mode",
"enum": [
"PRIMARY_LOCATION",
"SECONDARY_LOCATION"
],
"readonly": true,
"title": "Location mode for logical router",
"type": "string"
},
"logical_router_id": {
"required": true,
"title": "The id of the logical router",
"type": "string"
},
"per_node_status": {
"items": {
"$ref": "LogicalRouterStatusPerNode
},
"readonly": true,
"title": "Per Node Status",
"type": "array"
}
},
"type": "object"
}
LogicalRouterStatusPerNode (type)
{
"id": "LogicalRouterStatusPerNode",
"module_id": "AggSvcLogicalRouter",
"properties": {
"edge_path": {
"description": "Only populated by Policy APIs",
"required": false,
"title": "edge transport node path.",
"type": "string"
},
"high_availability_status": {
"enum": [
"ACTIVE",
"STANDBY",
"DOWN",
"SYNC",
"UNKNOWN",
"ADMIN_DOWN"
],
"required": true,
"title": "A service router's HA status on an edge node",
"type": "string"
},
"service_router_id": {
"required": false,
"title": "id of the service router where the router status is retrieved.",
"type": "string"
},
"sub_cluster_id": {
"description": "This field is populated for sateful active-active mode. Runtime state is only synced among nodes in the same sub cluster.",
"required": false,
"title": "Sub cluster id for the node.",
"type": "string"
},
"transport_node_id": {
"required": true,
"title": "id of the transport node where the router status is retrieved.",
"type": "string"
}
},
"type": "object"
}
LogicalSwitchStatistics (type)
{
"extends": {
"$ref": "AggregatedDataCounterEx
},
"id": "LogicalSwitchStatistics",
"module_id": "AggSvcLogicalSwitch",
"properties": {
"dropped_by_security_packets": {
"$ref": "PacketsDroppedBySecurity,
"readonly": true,
"required": false
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"logical_switch_id": {
"readonly": true,
"required": true,
"title": "The id of the logical Switch",
"type": "string"
},
"mac_learning": {
"$ref": "MacLearningCounters,
"readonly": true,
"required": false
},
"rx_bytes": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"rx_packets": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"tx_bytes": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"tx_packets": {
"$ref": "DataCounter,
"readonly": true,
"required": false
}
},
"type": "object"
}
MACAddress (type)
{
"description": "A MAC address. Must be 6 pairs of hexadecimal digits, upper or lower case, separated by colons or dashes. Examples: 01:23:45:67:89:ab, 01-23-45-67-89-AB.",
"format": "mac-address",
"id": "MACAddress",
"module_id": "Common",
"title": "MAC Address",
"type": "string"
}
MACAddressExpression (type)
{
"additionalProperties": false,
"description": "Represents MAC address expressions in the form of an array, to support addition of MAC addresses in a group. Avoid creating groups with multiple MACAddressExpression. In future releases, group will be restricted to contain a single MACAddressExpression. To group MAC addresses, use nested groups instead of multiple MACAddressExpression.",
"extends": {
"$ref": "Expression
},
"id": "MACAddressExpression",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "MACAddressExpression"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mac_addresses": {
"description": "This array can consist of one or more MAC addresses.",
"items": {
"$ref": "MACAddress
},
"maxItems": 4000,
"minItems": 1,
"required": true,
"title": "Array of MAC addresses",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"enum": [
"Condition",
"ConjunctionOperator",
"NestedExpression",
"IPAddressExpression",
"MACAddressExpression",
"ExternalIDExpression",
"PathExpression",
"IdentityGroupExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "MAC address expression node",
"type": "object"
}
MACAddressList (type)
{
"additionalProperties": false,
"description": "List of MAC Addresses.",
"id": "MACAddressList",
"module_id": "Policy",
"properties": {
"mac_addresses": {
"description": "The array contains MAC addresses.",
"items": {
"$ref": "MACAddress
},
"maxItems": 4000,
"minItems": 1,
"required": true,
"title": "Array of MAC addresses",
"type": "array"
}
},
"title": "MAC Address members.",
"type": "object"
}
MacAddressCsvListResult (type)
{
"extends": {
"$ref": "CsvListResult
},
"id": "MacAddressCsvListResult",
"module_id": "AggSvcLogicalSwitch",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"results": {
"items": {
"$ref": "MacTableCsvRecord
},
"required": false,
"type": "array"
}
},
"type": "object"
}
MacAddressType (type)
{
"enum": [
"STATIC",
"LEARNED"
],
"id": "MacAddressType",
"module_id": "AggSvcLogicalPort",
"title": "The type of the MAC address",
"type": "string"
}
MacDiscoveryProfile (type)
{
"additionalProperties": false,
"description": "Mac Discovery Profile",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "MacDiscoveryProfile",
"module_id": "PolicyMacDiscovery",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"mac_change_enabled": {
"default": false,
"description": "Allowing source MAC address change",
"required": false,
"title": "Is rule enabled or not",
"type": "boolean"
},
"mac_learning_aging_time": {
"default": 600,
"description": "Indicates how long learned MAC address remain.",
"readonly": true,
"required": false,
"title": "Aging time in seconds for learned MAC address",
"type": "int"
},
"mac_learning_enabled": {
"description": "Allowing source MAC address learning",
"required": true,
"title": "Is MAC learning enabled or not",
"type": "boolean"
},
"mac_limit": {
"default": 4096,
"description": "The maximum number of mac addresses that can be learnt on this port when mac learning is enabled.",
"maximum": 4096,
"minimum": 0,
"required": false,
"title": "Maximum number of MAC addresses learnt",
"type": "int"
},
"mac_limit_policy": {
"default": "ALLOW",
"description": "The policy after MAC Limit is exceeded",
"enum": [
"ALLOW",
"DROP"
],
"title": "Mac Limit Policy",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remote_overlay_mac_limit": {
"default": 2048,
"description": "The maximum number of mac addresses learnt on an overlay logical switch, irrespective of whether mac learning is enabled on the segment ports. When this limit is reached, traffic for mac addresses that are not learnt will be flooded.",
"maximum": 8192,
"minimum": 2048,
"title": "The maximum number of MAC addresses learned on an overlay Logical Switch",
"type": "int"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"unknown_unicast_flooding_enabled": {
"default": true,
"description": "Allowing flooding for unlearned MAC for ingress traffic",
"required": false,
"title": "Is unknown unicast flooding rule enabled or not",
"type": "boolean"
}
},
"search_dsl_name": [
"mac discovery segment profile"
],
"title": "Mac Discovery Profile",
"type": "object"
}
MacDiscoveryProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "MacDiscoveryProfileListRequestParameters",
"module_id": "PolicyMacDiscovery",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Mac Discovery Profile request parameters",
"type": "object"
}
MacDiscoveryProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "MacDiscoveryProfileListResult",
"module_id": "PolicyMacDiscovery",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "MacDiscoveryProfile
},
"required": true,
"title": "Mac Discovery profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Mac Discovery Profiles",
"type": "object"
}
MacLearningCounters (type)
{
"id": "MacLearningCounters",
"module_id": "AggSvcL2Types",
"properties": {
"mac_not_learned_packets_allowed": {
"description": "The number of packets with unknown source MAC address that are dispatched without learning the source MAC address. Applicable only when the MAC limit is reached and MAC Limit policy is MAC_LEARNING_LIMIT_POLICY_ALLOW.",
"required": false,
"title": "Number of dispatched packets with unknown source MAC address.",
"type": "integer"
},
"mac_not_learned_packets_dropped": {
"description": "The number of packets with unknown source MAC address that are dropped without learning the source MAC address. Applicable only when the MAC limit is reached and MAC Limit policy is MAC_LEARNING_LIMIT_POLICY_DROP.",
"required": false,
"title": "Number of dropped packets with unknown source MAC address.",
"type": "integer"
},
"macs_learned": {
"required": false,
"title": "Number of MACs learned",
"type": "integer"
}
},
"type": "object"
}
MacTableCsvRecord (type)
{
"extends": {
"$ref": "CsvRecord
},
"id": "MacTableCsvRecord",
"module_id": "AggSvcLogicalSwitch",
"properties": {
"mac_address": {
"required": true,
"title": "The MAC address",
"type": "string"
},
"rtep_group_id": {
"description": "RTEP group id is applicable when the logical switch is stretched across multiple sites. When rtep_group_id is set, mac_address represents remote mac_address.",
"title": "Remote tunnel endpoint(RTEP) group id",
"type": "integer"
},
"vtep_group_id": {
"description": "VTEP group id is applicable when the logical switch is stretched across multiple sites. When vtep_group_id is set, mac_address represents remote mac_address.",
"title": "Virtual tunnel endpoint(VTEP) group id",
"type": "integer"
},
"vtep_ip": {
"$ref": "IPAddress,
"required": false,
"title": "The virtual tunnel endpoint IP address"
},
"vtep_mac_address": {
"required": false,
"title": "The virtual tunnel endpoint MAC address",
"type": "string"
}
},
"type": "object"
}
MacTableEntry (type)
{
"id": "MacTableEntry",
"module_id": "AggSvcLogicalSwitch",
"properties": {
"mac_address": {
"required": true,
"title": "The MAC address",
"type": "string"
},
"rtep_group_id": {
"description": "RTEP group id is applicable when the logical switch is stretched across multiple sites. When rtep_group_id is set, mac_address represents remote mac_address.",
"title": "Remote tunnel endpoint(RTEP) group id",
"type": "integer"
},
"vtep_group_id": {
"description": "VTEP group id is applicable when the logical switch is stretched across multiple sites. When vtep_group_id is set, mac_address represents remote mac_address.",
"title": "Virtual tunnel endpoint(VTEP) group id",
"type": "integer"
},
"vtep_ip": {
"$ref": "IPAddress,
"required": false,
"title": "The virtual tunnel endpoint IP address"
},
"vtep_mac_address": {
"required": false,
"title": "The virtual tunnel endpoint MAC address",
"type": "string"
}
},
"type": "object"
}
MalwarePreventionProfile (type)
{
"additionalProperties": false,
"description": "MalwarePrevention Profile which contains the criteria to include Malware Prevention signatures.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "MalwarePreventionProfile",
"module_id": "PolicyAntiMalware",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"detection_type": {
"description": "Represents how the Malware Prevention detection works.",
"enum": [
"SIGNATURE_BASED",
"SIGNATURE_AND_SANDBOXING_BASED"
],
"required": true,
"title": "Detection Types",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"file_type": {
"description": "Represents different type of files extensions supported in Malware Prevention.",
"items": {
"$ref": "FileType
},
"required": true,
"title": "File Type",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Malware Prevention Profile",
"type": "object"
}
MalwarePreventionSignature (type)
{
"additionalProperties": false,
"description": "Malware Prevention Signature .",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "MalwarePreventionSignature",
"module_id": "PolicyAntiMalware",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"file_type": {
"description": "File type of Signature.",
"required": false,
"title": "File Type",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"signature_id": {
"description": "Represents the Signature's id.",
"required": false,
"title": "Signature ID",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Malware Prevention Signature",
"type": "object"
}
ManagedResource (type)
{
"abstract": true,
"extends": {
"$ref": "RevisionedResource
},
"id": "ManagedResource",
"module_id": "Common",
"polymorphic-type-descriptor": {
"mode": "force",
"property-name": "resource_type"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Base type for resources that are managed by API clients",
"type": "object"
}
ManagementConfig (type)
{
"additionalProperties": false,
"extends": {
"$ref": "RevisionedResource
},
"id": "ManagementConfig",
"module_id": "ConfigManagement",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"publish_fqdns": {
"required": true,
"title": "True if Management nodes publish their fqdns(instead of default IP addresses) across NSX for its reachability.",
"type": "boolean"
}
},
"type": "object"
}
MandatoryAccessControlProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "MandatoryAccessControlProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"enabled": {
"description": "Enabled can be True/False",
"type": "boolean"
},
"status": {
"description": "current status of Mandatory Access Control",
"enum": [
"ENABLED",
"DISABLED",
"ENABLED_PENDING_REBOOT"
],
"readonly": true,
"type": "string"
}
},
"title": "Information about mandatory access control",
"type": "object"
}
MetadataProxyConfig (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "MetadataProxyConfig",
"module_id": "PolicyMetadataProxy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"crypto_protocols": {
"description": "The cryptographic protocols listed here are supported by the metadata proxy. TLSv1.1 and TLSv1.2 are supported by default",
"items": {
"$ref": "MetadataProxyCryptoProtocols
},
"title": "Metadata proxy supported cryptographic protocols",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"edge_cluster_path": {
"description": "Edge clusters configured on MP are auto-discovered by Policy and create corresponding read-only intent objects.",
"required": true,
"title": "Poilcy path to Edge Cluster",
"type": "string"
},
"enable_standby_relocation": {
"default": false,
"description": "Only auto-placed metadata proxies are considered for relocation. Must be FALSE, when the preferred_edge_paths property is configured.",
"title": "Flag to enable standby relocation",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"preferred_edge_paths": {
"description": "Edge nodes should be members of edge cluster configured in edge_cluster_path.",
"items": {
"type": "string"
},
"maxItems": 2,
"title": "Preferred Edge Paths",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"secret": {
"description": "Secret word or phrase to access metadata server.",
"required": true,
"title": "Secret",
"type": "string"
},
"server_address": {
"description": "This field is a URL. Example formats - http://1.2.3.4:3888/path, http://text-md-proxy:5001/. Port number should be between 3000-9000.",
"required": true,
"title": "Server Address",
"type": "string"
},
"server_certificates": {
"description": "Valid certificates should be configured. The validity of certificates is not checked. Certificates are managed through /infra/certificates API on Policy.",
"items": {
"type": "string"
},
"title": "Policy paths to Certificate Authority (CA) certificates",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"MetadataProxyConfig"
],
"relationshipType": "METADATA_PROXY_TLS_CERTIFICATE_RELATIONSHIP",
"rightType": [
"TlsCertificate"
]
}
]
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Metadata Proxy Configuration",
"type": "object"
}
MetadataProxyCryptoProtocols (type)
{
"additionalProperties": false,
"default": "TLS_V1_2",
"enum": [
"TLS_V1",
"TLS_V1_1",
"TLS_V1_2"
],
"id": "MetadataProxyCryptoProtocols",
"module_id": "PolicyMetadataProxy",
"title": "Metadata proxy supported cryptographic protocol",
"type": "string"
}
MetadataProxyRuntimeRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameters that represents a segment path and enforcement_point_path.",
"extends": {
"$ref": "PolicyRuntimeRequestParameters
},
"id": "MetadataProxyRuntimeRequestParameters",
"module_id": "PolicyMetadataProxy",
"properties": {
"enforcement_point_path": {
"description": "enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"segment_path": {
"required": false,
"title": "String Path of the segment which is associated with this metadata proxy",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
}
},
"title": "Request Parameters for Metadata Proxy Runtime Information",
"type": "object"
}
MetadataProxyStatisticsPerSegment (type)
{
"id": "MetadataProxyStatisticsPerSegment",
"module_id": "PolicyMetadataProxy",
"properties": {
"error_responses_from_nova_server": {
"required": true,
"title": "error responses from nova server",
"type": "integer"
},
"requests_from_clients": {
"required": true,
"title": "requests from clients",
"type": "integer"
},
"requests_to_nova_server": {
"required": true,
"title": "requests to nova server",
"type": "integer"
},
"responses_to_clients": {
"required": true,
"title": "responses to clients",
"type": "integer"
},
"segment_path": {
"required": true,
"title": "Policy path of the attached segment",
"type": "string"
},
"succeeded_responses_from_nova_server": {
"required": true,
"title": "succeeded responses from nova server",
"type": "integer"
}
},
"type": "object"
}
MirrorStackStatusListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "MirrorStackStatusListResult",
"module_id": "PortMirroring",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"overall_status": {
"$ref": "MirrorStackStatusType,
"description": "SUCCESS if all the TN's stack status are SUCCESS, FAILED if some of the TN's stack status are FAILED.",
"required": true,
"title": "Overall mirror stack status for all the TNs"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List all TN nodes which spaned in remote L3 mirror session mirror stack health status detailed info, including mirror stack status, vmknic status, TN node ID, TN node name and last updated status timestamp.",
"items": {
"$ref": "TnNodeStackSpanStatus
},
"required": true,
"title": "All TN nodes in remote L3 mirror session mirror stack health status",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
MirrorStackStatusType (type)
{
"additionalProperties": false,
"description": "MirrorStackStatusType indicates the health result after user configured mirror stack on L3PortMirrorSession. When configure mirror stack on L3PortMirrorSession, it has two preconditions, ESXi has been configured mirror stack and vmknic has been bounded to the stack. SUCCESS means the host has mirror stack and vmknic has been bounded to the stack, FAILED means either there is no mirror stack or the vmknic not bounded to it.",
"enum": [
"UNKNOWN",
"SUCCESS",
"FAILED"
],
"id": "MirrorStackStatusType",
"module_id": "PortMirroring",
"title": "Mirror stack status type",
"type": "string"
}
MitreAttack (type)
{
"additionalProperties": false,
"description": "Contain Mitre attack details like tacticName, tacticUrl, techniqueName and techniqueUrl.",
"id": "MitreAttack",
"module_id": "PolicyIDSMetrics",
"properties": {
"tactic_name": {
"description": "Represents tactic name of attack.",
"title": "Tactic Name",
"type": "string"
},
"tactic_url": {
"description": "Represents tactic url of attack.",
"title": "Tactic Url",
"type": "string"
},
"technique_name": {
"description": "Represents technique name of attack.",
"title": "Technique Name",
"type": "string"
},
"technique_url": {
"description": "Represents technique url of attack.",
"title": "Technique Url",
"type": "string"
}
},
"title": "Mitre Attack",
"type": "object"
}
MonitoringError (type)
{
"description": "Monitoring information is gathered from multiple sub-systems/components, using REST or RPC calls internally. It is quite possible for a component or sub-system fail, in which case it is captured as an error and reported.",
"id": "MonitoringError",
"module_id": "FederationObservability",
"properties": {
"error_code": {
"read_only": true,
"title": "NSX error code if available",
"type": "integer"
},
"error_message": {
"read_only": true,
"title": "Error mesage",
"type": "string"
},
"params": {
"items": {
"type": "object"
},
"read_only": true,
"title": "Parameters for construcing error details",
"type": "array"
}
},
"title": "Represents an error that occurred while gathering information",
"type": "object"
}
MonitoringInfo (type)
{
"description": "Provides monitoring information for all flows in federation from the given site where the API is invoked. For example - monitoring information from Global Manager doesn't provide details of Local Manager to Local Manager flows. Similary, LocalManager will not provide Global Manager ACTIVE to Global Manager STANDBY flow details.",
"id": "MonitoringInfo",
"module_id": "FederationObservability",
"properties": {
"errors": {
"items": {
"$ref": "MonitoringError
},
"read_only": true,
"title": "All errors occurred while gathering monitoring info",
"type": "array"
},
"flow_info": {
"items": {
"$ref": "FlowInfo
},
"read_only": true,
"title": "Monitoring information of flows in federation",
"type": "array"
}
},
"title": "Provides details of all flows in federation",
"type": "object"
}
MonitoringProfileBindingMap (type)
{
"abstract": true,
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "MonitoringProfileBindingMap",
"module_id": "PolicyMonitoringProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Base Monitoring Profile Binding Map",
"type": "object"
}
MultiWidgetConfiguration (type)
{
"additionalProperties": false,
"description": "Combines two or more widgetconfigurations into a multi-widget",
"extends": {
"$ref": "WidgetConfiguration
},
"id": "MultiWidgetConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "MultiWidgetConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"feature_set": {
"$ref": "FeatureSet,
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"legend": {
"$ref": "Legend,
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"navigation": {
"description": "Hyperlink of the specified UI page that provides details.",
"maxLength": 1024,
"title": "Navigation to a specified UI page",
"type": "string"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
},
"widgets": {
"description": "Array of widgets that are part of the multi-widget.",
"items": {
"$ref": "WidgetItem
},
"maxItems": 2,
"minItems": 1,
"required": true,
"title": "Widgets",
"type": "array"
}
},
"title": "Multi-Widget",
"type": "object"
}
NDRAAdvertisedRoute (type)
{
"additionalProperties": false,
"id": "NDRAAdvertisedRoute",
"module_id": "Routing",
"properties": {
"route_lifetime": {
"default": 1800,
"description": "Lifetime of advertised route in seconds.",
"maximum": 65520,
"minimum": 0,
"required": false,
"title": "Lifetime of advertised route",
"type": "integer"
},
"route_preference": {
"$ref": "NDRAPreference,
"default": "MEDIUM",
"description": "NDRA Route preference. Indicates preference of the router associated with a prefix over others, when multiple identical prefixes (for different routers) have been received.",
"required": false,
"title": "Route preference"
},
"subnet": {
"$ref": "IPv6CIDRBlock,
"description": "Advertised route subnet",
"required": true,
"title": "Advertised route subnet"
}
},
"type": "object"
}
NDRAPreference (type)
{
"additionalProperties": false,
"description": "For an NDRA router, indicates preference of this router over other default routers. For an NDRA route, indicates preference of the router associated with this prefix over others, when multiple identical prefixes (for different routers) have been received. Preference values are LOW, MEDIUM (default) and HIGH. RESERVED value is not to be used and is treated as MEDIUM.",
"enum": [
"LOW",
"MEDIUM",
"HIGH",
"RESERVED"
],
"id": "NDRAPreference",
"module_id": "Routing",
"title": "NDRA Router and route preference",
"type": "string"
}
NSXTConnectionInfo (type)
{
"additionalProperties": false,
"description": "Credential info to connect to an NSX-T type of enforcement point.",
"extends": {
"$ref": "EnforcementPointConnectionInfo
},
"id": "NSXTConnectionInfo",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "NSXTConnectionInfo"
},
"properties": {
"edge_cluster_ids": {
"deprecated": true,
"description": "Edge Cluster UUIDs on enforcement point. Edge cluster information is required for creating logical L2, L3 constructs on enforcement point. Max 1 edge cluster ID. This is a deprecated property. The edge cluster id is now auto populated from enforcement point and its value can be read using APIs GET /infra/sites/site-id/enforcement-points/enforcementpoint-id/edge-clusters and GET /infra/sites/site-id/enforcement-points/enforcementpoint-1/edge-clusters/edge-cluster-id. The value passed through this property will be ignored.",
"items": {
"type": "string"
},
"maxItems": 1,
"required": false,
"title": "Edge Cluster IDs",
"type": "array"
},
"enforcement_point_address": {
"description": "Value of this property could be Hostname or IP. For instance: - On an NSX-T MP running on default port, the value could be \"10.192.1.1\" - On an NSX-T MP running on custom port, the value could be \"192.168.1.1:32789\" - On an NSX-T MP in VMC deployments, the value could be \"192.168.1.1:5480/nsxapi\"",
"required": true,
"title": "Enforcement Point Address",
"type": "string"
},
"password": {
"description": "Password.",
"sensitive": true,
"title": "Password",
"type": "string"
},
"resource_type": {
"description": "Resource Type of Enforcement Point Connection Info.",
"enum": [
"NSXTConnectionInfo",
"NSXVConnectionInfo",
"CvxConnectionInfo",
"AviConnectionInfo"
],
"required": true,
"title": "Connection Info Resource Type",
"type": "string"
},
"thumbprint": {
"description": "Thumbprint of EnforcementPoint in the form of a SHA-256 hash represented in lower case HEX.",
"title": "Thumbprint of Enforcement Point",
"type": "string"
},
"transport_zone_ids": {
"deprecated": true,
"description": "Transport Zone UUIDs on enforcement point. Transport zone information is required for creating logical L2, L3 constructs on enforcement point. Max 1 transport zone ID. This is a deprecated property. The transport zone id is now auto populated from enforcement point and its value can be read using APIs GET /infra/sites/site-id/enforcement-points/enforcementpoint-id/transport-zones and GET /infra/sites/site-id/enforcement-points/enforcementpoint-id/transport-zones/transport-zone-id. The value passed through this property will be ignored.",
"items": {
"type": "string"
},
"maxItems": 1,
"required": false,
"title": "Transport Zone IDs",
"type": "array"
},
"username": {
"description": "Username.",
"title": "Username",
"type": "string"
}
},
"title": "NSX-T Connection Info",
"type": "object"
}
NSXVConnectionInfo (type)
{
"additionalProperties": false,
"description": "Credential info to connect to an NSX-V type of enforcement point.",
"extends": {
"$ref": "EnforcementPointConnectionInfo
},
"id": "NSXVConnectionInfo",
"module_id": "PolicyEnforcementPointManagement",
"polymorphic-type-descriptor": {
"type-identifier": "NSXVConnectionInfo"
},
"properties": {
"enforcement_point_address": {
"description": "Value of this property could be Hostname or IP. For instance: - On an NSX-T MP running on default port, the value could be \"10.192.1.1\" - On an NSX-T MP running on custom port, the value could be \"192.168.1.1:32789\" - On an NSX-T MP in VMC deployments, the value could be \"192.168.1.1:5480/nsxapi\"",
"required": true,
"title": "Enforcement Point Address",
"type": "string"
},
"password": {
"description": "Password.",
"required": true,
"sensitive": true,
"title": "Password",
"type": "string"
},
"resource_type": {
"description": "Resource Type of Enforcement Point Connection Info.",
"enum": [
"NSXTConnectionInfo",
"NSXVConnectionInfo",
"CvxConnectionInfo",
"AviConnectionInfo"
],
"required": true,
"title": "Connection Info Resource Type",
"type": "string"
},
"thumbprint": {
"description": "Thumbprint of EnforcementPoint in the form of a SHA-256 hash represented in lower case HEX.",
"required": true,
"title": "Thumbprint of Enforcement Point",
"type": "string"
},
"username": {
"description": "Username.",
"required": true,
"sensitive": true,
"title": "Username",
"type": "string"
}
},
"title": "NSX-V Connection Info",
"type": "object"
}
NamespaceMemberDetails (type)
{
"additionalProperties": false,
"description": "Details of the member belonging to a Group",
"id": "NamespaceMemberDetails",
"module_id": "PolicyGroupRealization",
"properties": {
"display_name": {
"readonly": true,
"required": true,
"title": "The display name of the member on the enforcement point",
"type": "string"
},
"id": {
"readonly": true,
"required": true,
"title": "The ID of the member on the enforcement point",
"type": "string"
},
"pods": {
"items": {
"$ref": "PolicyGroupMemberDetails
},
"required": true,
"type": "array"
}
},
"title": "Group member details",
"type": "object"
}
NdSnoopingConfig (type)
{
"additionalProperties": false,
"description": "Contains Neighbor Discovery Protocol (ND) snooping related configuration.",
"id": "NdSnoopingConfig",
"module_id": "PolicyIpDiscovery",
"properties": {
"nd_snooping_enabled": {
"default": false,
"description": "Enable this method will snoop the NS (Neighbor Solicitation) and NA (Neighbor Advertisement) messages in the ND (Neighbor Discovery Protocol) family of messages which are transmitted by a VM. From the NS messages, we will learn about the source which sent this NS message. From the NA message, we will learn the resolved address in the message which the VM is a recipient of. Addresses snooped by this method are subject to TOFU (Trust on First Use) policies as enforced by the system.",
"required": false,
"title": "Is ND snooping enabled or not",
"type": "boolean"
},
"nd_snooping_limit": {
"default": 3,
"description": "Maximum number of ND (Neighbor Discovery Protocol) snooped IPv6 addresses",
"maximum": 15,
"minimum": 2,
"required": false,
"title": "Maximum number of ND (Neighbor Discovery Protocol) bindings",
"type": "int"
}
},
"title": "ND Snooping Configuration",
"type": "object"
}
NdpHeader (type)
{
"additionalProperties": false,
"id": "NdpHeader",
"module_id": "Traceflow",
"properties": {
"dst_ip": {
"$ref": "IPv6Address,
"description": "The IP address of the destination of the solicitation. It MUST NOT be a multicast address.",
"required": false,
"title": "The destination IP address"
},
"msg_type": {
"default": "NEIGHBOR_SOLICITATION",
"description": "This field specifies the type of the Neighbor discover message being sent. NEIGHBOR_SOLICITATION - Neighbor Solicitation message to discover the link-layer address of an on-link IPv6 node or to confirm a previously determined link-layer address. NEIGHBOR_ADVERTISEMENT - Neighbor Advertisement message in response to a Neighbor Solicitation message.",
"enum": [
"NEIGHBOR_SOLICITATION",
"NEIGHBOR_ADVERTISEMENT"
],
"title": "NDP message type",
"type": "string"
}
},
"title": "Neighbor discovery protocol header",
"type": "object"
}
NestedExpression (type)
{
"additionalProperties": false,
"description": "Nested expressions is a list of condition expressions that must follow the below criteria: 0. Only allowed expressions in a NestedExpression are Condition and ConjunctionOperator. 1. A non-empty expression list, must be of odd size. In a list, with indices starting from 0, all condition expressions must be at even indices, separated by the conjunction expressions AND at odd indices. 2. There may be at most 5 condition expressions inside a list. 3. NestedExpressions are homogeneous in nature, i.e, all expressions inside a nested expression must have the same member type.",
"extends": {
"$ref": "Expression
},
"id": "NestedExpression",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "NestedExpression"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"expressions": {
"description": "Expression.",
"items": {
"$ref": "Expression
},
"minItems": 1,
"required": true,
"title": "Expression",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"enum": [
"Condition",
"ConjunctionOperator",
"NestedExpression",
"IPAddressExpression",
"MACAddressExpression",
"ExternalIDExpression",
"PathExpression",
"IdentityGroupExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "NestedExpression",
"type": "object"
}
NestedServiceServiceEntry (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ServiceEntry
},
"id": "NestedServiceServiceEntry",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "NestedServiceServiceEntry"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"nested_service_path": {
"required": true,
"title": "path of nested service",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"NestedServiceServiceEntry"
],
"relationshipType": "NESTED_SERVICE_RELATIONSHIP",
"rightType": [
"ServiceEntry"
]
},
{
"leftType": [
"NestedServiceServiceEntry"
],
"relationshipType": "NESTED_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"Service"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"enum": [
"IPProtocolServiceEntry",
"IGMPTypeServiceEntry",
"ICMPTypeServiceEntry",
"ALGTypeServiceEntry",
"L4PortSetServiceEntry",
"EtherTypeServiceEntry",
"NestedServiceServiceEntry"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "A ServiceEntry that represents nesting service",
"type": "object"
}
NetworkError (type)
{
"description": "Network error related to container objects.",
"id": "NetworkError",
"module_id": "InventoryContainerObj",
"properties": {
"error_code": {
"description": "Error code of network related error.",
"readonly": true,
"required": false,
"title": "Error code",
"type": "string"
},
"error_message": {
"description": "Detailed message of network related error.",
"readonly": true,
"required": false,
"title": "Error message",
"type": "string"
},
"spec": {
"description": "Additional error information in json format.",
"readonly": true,
"required": false,
"title": "Other specifications",
"type": "string"
}
},
"title": "Network Error",
"type": "object"
}
NetworkInterfaceRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameters to filter REST API for list network interface.",
"extends": {
"$ref": "DataSourceParameters
},
"id": "NetworkInterfaceRequestParameters",
"module_id": "ApplianceStats",
"properties": {
"admin_status": {
"description": "Defines admin status of the interface.",
"enum": [
"UP",
"DOWN"
],
"title": "Admin status of the interface",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
}
},
"title": "Node network interface request parameters",
"type": "object"
}
NewRole (type)
{
"id": "NewRole",
"module_id": "AAA",
"properties": {
"new_role_description": {
"required": false,
"title": "New role description",
"type": "string"
},
"new_role_id": {
"pattern": "^[_a-z0-9-]+$",
"required": true,
"title": "New role id",
"type": "string"
},
"new_role_name": {
"required": true,
"title": "New role name",
"type": "string"
}
},
"title": "New Role",
"type": "object"
}
NoRestRequestParameters (type)
{
"additionalProperties": false,
"description": "Parameter definition for requests that do not allow parameters.",
"id": "NoRestRequestParameters",
"module_id": "Types",
"properties": {},
"type": "object"
}
NodeAsyncReplicatorServiceProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "NodeServiceProperties
},
"id": "NodeAsyncReplicatorServiceProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"service_name": {
"required": true,
"title": "Service name",
"type": "string"
},
"service_properties": {
"$ref": "LoggingServiceProperties,
"title": "Service properties"
}
},
"title": "Node service properties",
"type": "object"
}
NodeAuthProviderVidmProperties (type)
{
"additionalProperties": false,
"id": "NodeAuthProviderVidmProperties",
"properties": {
"client_id": {
"required": true,
"title": "vIDM client id",
"type": "string"
},
"client_secret": {
"required": false,
"sensitive": true,
"title": "vIDM client secret",
"type": "string"
},
"host_name": {
"required": true,
"title": "Fully Qualified Domain Name(FQDN) of vIDM",
"type": "string"
},
"lb_enable": {
"required": false,
"title": "Load Balancer enable flag",
"type": "boolean"
},
"node_host_name": {
"description": "host name to use when creating the redirect URL for clients to follow after authenticating to vIDM",
"required": true,
"title": "host name of the node redirected to",
"type": "string"
},
"thumbprint": {
"description": "Hexadecimal SHA256 hash of the vIDM server's X.509 certificate",
"required": true,
"title": "vIDM certificate thumbprint",
"type": "string"
},
"vidm_enable": {
"required": false,
"title": "vIDM enable flag",
"type": "boolean"
}
},
"title": "Node AAA provider vIDM properties",
"type": "object"
}
NodeAuthProviderVidmStatus (type)
{
"additionalProperties": false,
"id": "NodeAuthProviderVidmStatus",
"properties": {
"runtime_state": {
"required": true,
"title": "AAA provider vIDM status",
"type": "string"
},
"vidm_enable": {
"required": true,
"title": "vIDM enable flag",
"type": "boolean"
}
},
"title": "Node AAA provider vIDM status",
"type": "object"
}
NodeFileSystemProperties (type)
{
"additionalProperties": false,
"id": "NodeFileSystemProperties",
"module_id": "ApplianceStats",
"properties": {
"file_system": {
"readonly": true,
"title": "File system id",
"type": "string"
},
"mount": {
"readonly": true,
"title": "File system mount",
"type": "string"
},
"total": {
"readonly": true,
"title": "File system size in kilobytes",
"type": "integer"
},
"type": {
"readonly": true,
"title": "File system type",
"type": "string"
},
"used": {
"readonly": true,
"title": "Amount of file system used in kilobytes",
"type": "integer"
}
},
"title": "File system properties",
"type": "object"
}
NodeGlobalManagerServiceProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "NodeServiceProperties
},
"id": "NodeGlobalManagerServiceProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"service_name": {
"required": true,
"title": "Service name",
"type": "string"
},
"service_properties": {
"$ref": "LoggingServiceProperties,
"title": "Service properties"
}
},
"title": "Node service properties",
"type": "object"
}
NodeHttpServiceProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "NodeServiceProperties
},
"id": "NodeHttpServiceProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"service_name": {
"required": true,
"title": "Service name",
"type": "string"
},
"service_properties": {
"$ref": "HttpServiceProperties,
"title": "HTTP Service properties"
}
},
"title": "Node HTTP service properties",
"type": "object"
}
NodeIdServicesMap (type)
{
"additionalProperties": false,
"id": "NodeIdServicesMap",
"module_id": "CertificateManager",
"properties": {
"node_id": {
"maxLength": 255,
"readonly": false,
"required": true,
"title": "NodeId",
"type": "string"
},
"service_types": {
"description": "List of ServiceTypes.",
"items": {
"$ref": "ServiceType
},
"readonly": false,
"required": true,
"type": "array"
}
},
"type": "object"
}
NodeInfo (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "NodeInfo",
"module_id": "Upgrade",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"component_version": {
"readonly": true,
"required": true,
"title": "Component version of the node",
"type": "string"
},
"display_name": {
"readonly": true,
"required": true,
"title": "Name of the node",
"type": "string"
},
"id": {
"description": "Identifier of the node",
"readonly": true,
"required": true,
"title": "UUID of node",
"type": "string"
},
"type": {
"readonly": true,
"required": true,
"title": "Node type",
"type": "string"
}
},
"type": "object"
}
NodeInfoListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "NodeInfoListRequestParameters",
"module_id": "Upgrade",
"properties": {
"component_type": {
"readonly": false,
"required": false,
"title": "Component type based on which nodes will be filtered",
"type": "string"
},
"component_version": {
"readonly": false,
"required": false,
"title": "Component version based on which nodes will be filtered",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
NodeInfoListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "NodeInfoListResult",
"module_id": "Upgrade",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "NodeInfo
},
"required": true,
"title": "Paged Collection of Nodes",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
NodeInstallUpgradeServiceProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "NodeServiceProperties
},
"id": "NodeInstallUpgradeServiceProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"service_name": {
"required": true,
"title": "Service name",
"type": "string"
},
"service_properties": {
"$ref": "InstallUpgradeServiceProperties,
"title": "install-upgrade Service properties"
}
},
"title": "Node install-upgrade service properties",
"type": "object"
}
NodeInterfaceAlias (type)
{
"additionalProperties": false,
"id": "NodeInterfaceAlias",
"module_id": "ApplianceStats",
"properties": {
"broadcast_address": {
"$ref": "IPAddress,
"pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$",
"title": "Interface broadcast address"
},
"ip_address": {
"$ref": "IPAddress,
"pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$",
"title": "Interface IP address"
},
"ip_configuration": {
"enum": [
"dhcp",
"static",
"not configured"
],
"title": "Interface configuration",
"type": "string"
},
"netmask": {
"pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$",
"title": "Interface netmask",
"type": "string"
},
"physical_address": {
"$ref": "MACAddress,
"title": "Interface MAC address"
}
},
"title": "Node network interface alias",
"type": "object"
}
NodeInterfaceProperties (type)
{
"additionalProperties": false,
"id": "NodeInterfaceProperties",
"module_id": "ApplianceStats",
"properties": {
"admin_status": {
"enum": [
"UP",
"DOWN"
],
"title": "Interface administration status",
"type": "string"
},
"backing_nsx_managed": {
"title": "Indicates whether backing of VIRTUAL network interface is managed by NSX",
"type": "boolean"
},
"connected_switch": {
"title": "Connected switch",
"type": "string"
},
"connected_switch_type": {
"description": "Type of switch associated with the interface.",
"enum": [
"VSS",
"DVS",
"N-VDS"
],
"readonly": true,
"required": false,
"title": "Type of switch",
"type": "string"
},
"device": {
"description": "Device name.",
"readonly": true,
"required": false,
"title": "Device name",
"type": "string"
},
"driver": {
"description": "Driver name.",
"readonly": true,
"required": false,
"title": "Driver name",
"type": "string"
},
"ens_capable": {
"title": "Interface capability for Enhanced Networking Stack",
"type": "boolean"
},
"ens_enabled": {
"title": "Indicates whether interface is enabled for Enhanced Networking Stack",
"type": "boolean"
},
"ens_interrupt_capable": {
"description": "This boolean property describes if network interface is capable for Enhanced Networking Stack interrupt",
"title": "Interface capability for Enhanced Networking Stack interrupt",
"type": "boolean"
},
"ens_interrupt_enabled": {
"description": "This boolean property describes if network interface is enabled for Enhanced Networking Stack interrupt",
"title": "Indicates whether interface is enabled for Enhanced Networking Stack interrupt",
"type": "boolean"
},
"host_managed": {
"title": "Indicates whether interface is managed by the host",
"type": "boolean"
},
"interface_alias": {
"items": {
"$ref": "NodeInterfaceAlias
},
"title": "IP Alias",
"type": "array"
},
"interface_id": {
"title": "Interface ID",
"type": "string"
},
"interface_type": {
"enum": [
"PHYSICAL",
"VIRTUAL",
"BOND",
"TEAMING"
],
"title": "Interface Type",
"type": "string"
},
"interface_uuid": {
"readonly": true,
"required": false,
"title": "UUID of the interface",
"type": "string"
},
"key": {
"description": "Device key.",
"readonly": true,
"required": false,
"title": "Device key",
"type": "string"
},
"link_status": {
"enum": [
"UP",
"DOWN"
],
"title": "Interface administration status",
"type": "string"
},
"lport_attachment_id": {
"title": "LPort Attachment Id assigned to VIRTUAL network interface of a node",
"type": "string"
},
"mtu": {
"title": "Interface MTU",
"type": "integer"
},
"pci": {
"description": "PCI device.",
"readonly": true,
"required": false,
"title": "PCI device",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"title": "Source of status data"
}
},
"title": "Node network interface properties",
"type": "object"
}
NodeInterfacePropertiesListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "NodeInterfacePropertiesListResult",
"module_id": "ApplianceStats",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "NodeInterfaceProperties
},
"required": true,
"title": "Node interface property results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Node network interface properties list results",
"type": "object"
}
NodeInterfaceStatisticsProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "NodeInterfaceStatisticsProperties",
"module_id": "ApplianceStats",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"interface_id": {
"title": "Interface ID",
"type": "string"
},
"rx_bytes": {
"title": "Number of bytes received",
"type": "integer"
},
"rx_dropped": {
"title": "Number of packets dropped",
"type": "integer"
},
"rx_errors": {
"title": "Number of receive errors",
"type": "integer"
},
"rx_frame": {
"title": "Number of framing errors",
"type": "integer"
},
"rx_packets": {
"title": "Number of packets received",
"type": "integer"
},
"source": {
"$ref": "DataSourceType,
"title": "Source of status data."
},
"tx_bytes": {
"title": "Number of bytes transmitted",
"type": "integer"
},
"tx_carrier": {
"title": "Number of carrier losses detected",
"type": "integer"
},
"tx_colls": {
"title": "Number of collisions detected",
"type": "integer"
},
"tx_dropped": {
"title": "Number of packets dropped",
"type": "integer"
},
"tx_errors": {
"title": "Number of transmit errors",
"type": "integer"
},
"tx_packets": {
"title": "Number of packets transmitted",
"type": "integer"
}
},
"title": "Node network interface statistic properties",
"type": "object"
}
NodeLogProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "NodeLogProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"last_modified_time": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Last modified time expressed in milliseconds since epoch"
},
"log_name": {
"readonly": true,
"title": "Name of log file",
"type": "string"
},
"log_size": {
"readonly": true,
"title": "Size of log file in bytes",
"type": "integer"
}
},
"title": "Node log properties",
"type": "object"
}
NodeLogPropertiesListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "NodeLogPropertiesListResult",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "NodeLogProperties
},
"required": true,
"title": "Node log property results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Node log property query results",
"type": "object"
}
NodeNameServersProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "NodeNameServersProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"name_servers": {
"items": {
"type": "string"
},
"maxItems": 3,
"required": true,
"title": "Name servers",
"type": "array"
}
},
"title": "Node network name servers properties",
"type": "object"
}
NodeNetworkInterfaceProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "NodeNetworkInterfaceProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"admin_status": {
"enum": [
"up",
"down"
],
"readonly": true,
"title": "Interface administration status",
"type": "string"
},
"bond_cur_active_slave": {
"readonly": true,
"title": "Bond's currently active slave device",
"type": "string"
},
"bond_lacp_rate": {
"readonly": true,
"title": "Bond's rate at which we'll ask our link partner to transmit LACPDU packets in 802.3ad mode",
"type": "string"
},
"bond_mode": {
"enum": [
"ACTIVE_BACKUP",
"802_3AD",
"ROUND_ROBIN",
"BROADCAST",
"XOR",
"TLB",
"ALB"
],
"title": "Bond mode",
"type": "string"
},
"bond_primary": {
"title": "Bond's primary device name in active-backup bond mode",
"type": "string"
},
"bond_primary_slave": {
"readonly": true,
"title": "Bond's primary device name in active-backup bond mode",
"type": "string"
},
"bond_slaves": {
"items": {
"type": "string"
},
"title": "Bond's slave devices",
"type": "array"
},
"bond_xmit_hash_policy": {
"enum": [
"layer2",
"layer2+3",
"layer3+4",
"encap2+3",
"encap3+4"
],
"readonly": true,
"title": "Bond's transmit hash policy for balance-xor and 802.3ad modes",
"type": "string"
},
"broadcast_address": {
"pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$",
"title": "Interface broadcast address",
"type": "string"
},
"default_gateway": {
"pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$",
"title": "Interface's default gateway",
"type": "string"
},
"interface_id": {
"readonly": true,
"required": true,
"title": "Interface ID",
"type": "string"
},
"ip_addresses": {
"items": {
"$ref": "IPv4AddressProperties
},
"maxItems": 1,
"title": "Interface IP addresses",
"type": "array"
},
"ip_configuration": {
"enum": [
"dhcp",
"static",
"not configured"
],
"required": true,
"title": "Interface configuration",
"type": "string"
},
"is_kni": {
"readonly": true,
"title": "Interface is a KNI",
"type": "boolean"
},
"link_status": {
"enum": [
"up",
"down"
],
"readonly": true,
"title": "Interface administration status",
"type": "string"
},
"mtu": {
"title": "Interface MTU",
"type": "integer"
},
"physical_address": {
"pattern": "^[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}:[0-9A-Fa-f]{2}$",
"readonly": true,
"title": "Interface MAC address",
"type": "string"
},
"plane": {
"enum": [
"mgmt",
"debug",
"none"
],
"title": "Interface plane",
"type": "string"
},
"vlan": {
"maximum": 4094,
"minimum": 1,
"readonly": true,
"title": "VLAN Id",
"type": "integer"
}
},
"title": "Node network interface properties",
"type": "object"
}
NodeNetworkInterfacePropertiesListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "NodeNetworkInterfacePropertiesListResult",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "NodeNetworkInterfaceProperties
},
"required": true,
"title": "Node network interface property results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Node network interface properties list results",
"type": "object"
}
NodeNetworkProperties (type)
{
"extends": {
"$ref": "Resource
},
"id": "NodeNetworkProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
}
},
"title": "Network configuration properties",
"type": "object"
}
NodeNtpServiceProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "NodeServiceProperties
},
"id": "NodeNtpServiceProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"service_name": {
"required": true,
"title": "Service name",
"type": "string"
},
"service_properties": {
"$ref": "NtpServiceProperties,
"title": "NTP Service properties"
}
},
"title": "Node NTP service properties",
"type": "object"
}
NodeProcessProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "NodeProcessProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cpu_time": {
"readonly": true,
"title": "CPU time (user and system) consumed by process in milliseconds",
"type": "integer"
},
"mem_resident": {
"readonly": true,
"title": "Resident set size of process in bytes",
"type": "integer"
},
"mem_used": {
"readonly": true,
"title": "Virtual memory used by process in bytes",
"type": "integer"
},
"pid": {
"readonly": true,
"title": "Process id",
"type": "integer"
},
"ppid": {
"readonly": true,
"title": "Parent process id",
"type": "integer"
},
"process_name": {
"readonly": true,
"title": "Process name",
"type": "string"
},
"start_time": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Process start time expressed in milliseconds since epoch"
},
"uptime": {
"readonly": true,
"title": "Milliseconds since process started",
"type": "integer"
}
},
"title": "Node process properties",
"type": "object"
}
NodeProcessPropertiesListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "NodeProcessPropertiesListResult",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "NodeProcessProperties
},
"required": true,
"title": "Node process property results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Node process property query results",
"type": "object"
}
NodeProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "NodeProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cli_history_size": {
"minimum": 0,
"title": "NSX CLI command history limit, set to 0 to configure no history size limit",
"type": "integer"
},
"cli_output_datetime": {
"title": "NSX CLI display datetime stamp in command output",
"type": "boolean"
},
"cli_timeout": {
"minimum": 0,
"title": "NSX CLI inactivity timeout, set to 0 to configure no timeout",
"type": "integer"
},
"export_type": {
"enum": [
"RESTRICTED",
"UNRESTRICTED"
],
"readonly": true,
"title": "Export restrictions in effect, if any",
"type": "string"
},
"fully_qualified_domain_name": {
"readonly": true,
"title": "Fully qualified domain name",
"type": "string"
},
"hostname": {
"$ref": "SystemHostname,
"title": "Host name or fully qualified domain name of node",
"type": "string"
},
"kernel_version": {
"readonly": true,
"title": "Kernel version",
"type": "string"
},
"motd": {
"title": "Message of the day to display when users login to node using the NSX CLI",
"type": [
"string",
"null"
]
},
"node_type": {
"enum": [
"NSX Manager",
"NSX Global Manager",
"NSX Edge",
"NSX Autonomous Edge",
"NSX Cloud Service Manager",
"NSX Public Cloud Gateway"
],
"readonly": true,
"title": "Node type",
"type": "string"
},
"node_uuid": {
"maxLength": 36,
"readonly": true,
"title": "Node Unique Identifier",
"type": "string"
},
"node_version": {
"readonly": true,
"title": "Node version",
"type": "string"
},
"product_version": {
"readonly": true,
"title": "Product version",
"type": "string"
},
"system_datetime": {
"$ref": "DatetimeUTC,
"title": "System date time in UTC"
},
"system_time": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Current time expressed in milliseconds since epoch"
},
"timezone": {
"title": "Timezone",
"type": "string"
}
},
"title": "Node properties",
"type": "object"
}
NodeProtonServiceProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "NodeServiceProperties
},
"id": "NodeProtonServiceProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"service_name": {
"required": true,
"title": "Service name",
"type": "string"
},
"service_properties": {
"$ref": "LoggingServiceProperties,
"title": "Service properties"
}
},
"title": "Node service properties",
"type": "object"
}
NodeRouteProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "NodeRouteProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"destination": {
"title": "Destination covered by route",
"type": "string"
},
"from_address": {
"pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$",
"title": "From address",
"type": "string"
},
"gateway": {
"pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$",
"title": "Address of next hop",
"type": "string"
},
"interface_id": {
"title": "Network interface id of route",
"type": "string"
},
"metric": {
"title": "Metric value of route",
"type": "string"
},
"netmask": {
"pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$",
"title": "Netmask of destination covered by route",
"type": "string"
},
"proto": {
"default": "boot",
"enum": [
"unspec",
"redirect",
"kernel",
"boot",
"static",
"gated",
"ra",
"mrt",
"zebra",
"bird",
"dnrouted",
"xorp",
"ntk",
"dhcp"
],
"title": "Routing protocol identifier of route",
"type": "string"
},
"route_id": {
"readonly": true,
"title": "Unique identifier for the route",
"type": "string"
},
"route_type": {
"enum": [
"default",
"static",
"blackhole",
"prohibit",
"throw",
"unreachable"
],
"required": true,
"title": "Route type",
"type": "string"
},
"scope": {
"title": "Scope of destinations covered by route",
"type": "string"
},
"src": {
"pattern": "^[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}\\.[\\d]{1,3}$",
"title": "Source address to prefer when sending to destinations of route",
"type": "string"
}
},
"title": "Node network route properties",
"type": "object"
}
NodeRoutePropertiesListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "NodeRoutePropertiesListResult",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "NodeRouteProperties
},
"required": true,
"title": "Node route property results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Node network route properties list results",
"type": "object"
}
NodeSearchDomainsProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "NodeSearchDomainsProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"search_domains": {
"items": {
"type": "string"
},
"required": true,
"title": "Search domains",
"type": "array"
}
},
"title": "Node network search domains properties",
"type": "object"
}
NodeServiceProperties (type)
{
"extends": {
"$ref": "Resource
},
"id": "NodeServiceProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"service_name": {
"required": true,
"title": "Service name",
"type": "string"
}
},
"title": "Node service properties",
"type": "object"
}
NodeServicePropertiesListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "NodeServicePropertiesListResult",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "NodeServiceProperties
},
"required": true,
"title": "Node service property results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Node service property query results",
"type": "object"
}
NodeServiceStatusProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "NodeServiceStatusProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"health": {
"enum": [
"STABLE",
"DEGRADED"
],
"readonly": true,
"required": false,
"title": "Service health in addition to runtime_state",
"type": "string"
},
"monitor_pid": {
"readonly": true,
"title": "Service monitor process id",
"type": "integer"
},
"monitor_runtime_state": {
"enum": [
"running",
"stopped"
],
"readonly": true,
"title": "Service monitor runtime state",
"type": "string"
},
"pids": {
"items": {
"type": "integer"
},
"readonly": true,
"title": "Service process ids",
"type": "array"
},
"reason": {
"readonly": true,
"required": false,
"title": "Reason for service degradation",
"type": "string"
},
"runtime_state": {
"enum": [
"running",
"stopped"
],
"readonly": true,
"title": "Service runtime state",
"type": "string"
}
},
"title": "Node service status properties",
"type": "object"
}
NodeSnmpServiceProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "NodeServiceProperties
},
"id": "NodeSnmpServiceProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"service_name": {
"required": true,
"title": "Service name",
"type": "string"
},
"service_properties": {
"$ref": "SnmpServiceProperties,
"required": true,
"title": "SNMP Service properties"
}
},
"title": "Node SNMP service properties",
"type": "object"
}
NodeSnmpV3EngineID (type)
{
"additionalProperties": false,
"extends": {
"$ref": "NodeServiceProperties
},
"id": "NodeSnmpV3EngineID",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"service_name": {
"required": true,
"title": "Service name",
"type": "string"
},
"v3_engine_id": {
"required": true,
"title": "SNMP v3 engine id",
"type": "string"
}
},
"title": "SNMP V3 Engine Id",
"type": "object"
}
NodeSshServiceProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "NodeServiceProperties
},
"id": "NodeSshServiceProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"service_name": {
"required": true,
"title": "Service name",
"type": "string"
},
"service_properties": {
"$ref": "SshServiceProperties,
"title": "SSH Service properties"
}
},
"title": "Node SSH service properties",
"type": "object"
}
NodeStatusProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "NodeStatusProperties",
"module_id": "ApplianceStats",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cpu_cores": {
"readonly": true,
"title": "Number of CPU cores on the system",
"type": "integer"
},
"cpu_usage": {
"$ref": "CpuUsage,
"description": "Highest and average usage of DPDK and non-DPDK core of Edge Node.",
"readonly": true,
"title": "CPU usage of DPDK and non-DPDK core groups"
},
"disk_space_total": {
"description": "Amount of disk space available on the system, in kilobytes.",
"readonly": true,
"title": "Amount of disk space available on the system, in kilobytes",
"type": "integer"
},
"disk_space_used": {
"descrption": "Amount of disk space in use on the system, in kilobytes.",
"readonly": true,
"title": "Amount of disk space in use on the system, in kilobytes",
"type": "integer"
},
"dpdk_cpu_cores": {
"description": "Number of DPDK cores on Edge Node which are used for packet IO processing.",
"readonly": true,
"title": "Number of DPDK CPU cores on the system",
"type": "integer"
},
"edge_mem_usage": {
"$ref": "EdgeTransportNodeMemoryUsage,
"description": "Point in time usage of system, datapath, swap and cache memory in edge node. Valid only for Edge transport node.",
"readonly": true,
"title": "Memory usage of edge node"
},
"file_systems": {
"items": {
"$ref": "NodeFileSystemProperties
},
"readonly": true,
"title": "File systems configured on the system",
"type": "array"
},
"hostname": {
"readonly": true,
"title": "Host name of the system",
"type": "string"
},
"load_average": {
"items": {
"type": "number"
},
"readonly": true,
"title": "One, five, and fifteen minute load averages for the system",
"type": "array"
},
"mem_cache": {
"readonly": true,
"title": "Amount of RAM on the system that can be flushed out to disk, in kilobytes",
"type": "integer"
},
"mem_total": {
"readonly": true,
"title": "Amount of RAM allocated to the system, in kilobytes",
"type": "integer"
},
"mem_used": {
"readonly": true,
"title": "Amount of RAM in use on the system, in kilobytes",
"type": "integer"
},
"non_dpdk_cpu_cores": {
"description": "Number of non-DPDK cores on Edge Node.",
"readonly": true,
"title": "Number of non-DPDK CPU cores on the system",
"type": "integer"
},
"source": {
"$ref": "DataSourceType,
"readonly": true,
"title": "Source of status data."
},
"swap_total": {
"readonly": true,
"title": "Amount of disk available for swap, in kilobytes",
"type": "integer"
},
"swap_used": {
"readonly": true,
"title": "Amount of swap disk in use, in kilobytes",
"type": "integer"
},
"system_time": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Current time expressed in milliseconds since epoch"
},
"uptime": {
"readonly": true,
"title": "Milliseconds since system start",
"type": "integer"
}
},
"title": "Node status properties",
"type": "object"
}
NodeSummary (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "NodeSummary",
"module_id": "Upgrade",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"component_version": {
"readonly": true,
"required": true,
"title": "Component version",
"type": "string"
},
"node_count": {
"description": "Number of nodes of the type and at the component version",
"readonly": true,
"required": true,
"title": "Count of nodes",
"type": "int"
},
"type": {
"readonly": true,
"required": true,
"title": "Node type",
"type": "string"
},
"upgrade_unit_subtype": {
"enum": [
"RESOURCE",
"ACTION"
],
"readonly": true,
"required": false,
"title": "UpgradeUnit sub type",
"type": "string"
}
},
"type": "object"
}
NodeSummaryList (type)
{
"additionalProperties": false,
"id": "NodeSummaryList",
"module_id": "Upgrade",
"properties": {
"results": {
"items": {
"$ref": "NodeSummary
},
"required": true,
"title": "List of Node Summary",
"type": "array"
}
},
"type": "object"
}
NodeSyslogExporterProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "NodeSyslogExporterProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"exporter_name": {
"required": true,
"title": "Syslog exporter name",
"type": "string"
},
"facilities": {
"items": {
"$ref": "SyslogFacility
},
"title": "Facilities to export",
"type": "array"
},
"level": {
"enum": [
"EMERG",
"ALERT",
"CRIT",
"ERR",
"WARNING",
"NOTICE",
"INFO",
"DEBUG"
],
"required": true,
"title": "Logging level to export",
"type": "string"
},
"msgids": {
"items": {
"pattern": "^.+$",
"type": "string"
},
"title": "MSGIDs to export",
"type": "array"
},
"port": {
"maximum": 65535,
"minimum": 1,
"title": "Port to export to, defaults to 514 for TCP, TLS, UDP protocols or 9000 for LI, LI-TLS protocols",
"type": "integer"
},
"protocol": {
"enum": [
"TCP",
"TLS",
"UDP",
"LI",
"LI-TLS"
],
"required": true,
"title": "Export protocol",
"type": "string"
},
"server": {
"$ref": "HostnameOrIPv4Address,
"required": true,
"title": "IP address or hostname of server to export to",
"type": "string"
},
"structured_data": {
"items": {
"pattern": "^(alarmId|alarmState|audit|comp|entId|eReqId|errorCode|eventFeatureName|eventId|eventSev|eventState|eventType|euser|level|nodeId|security|subcomp|s2comp|splitId|splitIndex|tenantId|tid|tname|update|username)=.+$",
"type": "string"
},
"title": "Structured data to export",
"type": "array"
},
"tls_ca_pem": {
"title": "CA certificate PEM of TLS server to export to",
"type": "string"
},
"tls_cert_pem": {
"title": "Certificate PEM of the rsyslog client",
"type": "string"
},
"tls_client_ca_pem": {
"title": "CA certificate PEM of the rsyslog client",
"type": "string"
},
"tls_key_pem": {
"sensitive": true,
"title": "Private key PEM of the rsyslog client",
"type": "string"
}
},
"title": "Node syslog exporter properties",
"type": "object"
}
NodeSyslogExporterPropertiesListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "NodeSyslogExporterPropertiesListResult",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "NodeSyslogExporterProperties
},
"required": true,
"title": "Node syslog exporter results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Node syslog exporter list results",
"type": "object"
}
NodeTime (type)
{
"additionalProperties": false,
"description": "Node system time in UTC",
"id": "NodeTime",
"properties": {
"system_datetime": {
"$ref": "DatetimeUTC,
"required": true,
"title": "Datetime string in UTC"
}
},
"title": "Node system time in UTC",
"type": "object"
}
NodeType (type)
{
"id": "NodeType",
"module_id": "CertificateManager",
"title": "Node Type",
"type": "string"
}
NodeUserPasswordProperty (type)
{
"additionalProperties": false,
"id": "NodeUserPasswordProperty",
"properties": {
"password": {
"required": true,
"sensitive": true,
"title": "The new password for user",
"type": "string"
}
},
"type": "object"
}
NodeUserProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "NodeUserProperties",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"full_name": {
"title": "Full name for the user",
"type": "string"
},
"last_password_change": {
"maximum": 2147483647,
"minimum": 0,
"readonly": true,
"title": "Number of days since password was last changed",
"type": "integer"
},
"old_password": {
"sensitive": true,
"title": "Old password for the user (required on PUT if password specified)",
"type": "string"
},
"password": {
"sensitive": true,
"title": "Password for the user (optionally specified on PUT, unspecified on GET)",
"type": "string"
},
"password_change_frequency": {
"description": "Number of days password is valid before it must be changed. This can be set to 0 to indicate no password change is required or a positive integer up to 9999. By default local user passwords must be changed every 90 days.",
"maximum": 9999,
"minimum": 0,
"title": "Number of days password is valid before it must be changed",
"type": "integer"
},
"password_reset_required": {
"title": "Boolean value that states if a password reset is required",
"type": "boolean"
},
"status": {
"description": "Status of the user. This value can be ACTIVE indicating authentication attempts will be successful if the correct credentials are specified. The value can also be PASSWORD_EXPIRED indicating authentication attempts will fail because the user's password has expired and must be changed. Or, this value can be NOT_ACTIVATED indicating the user's password has not yet been set and must be set before the user can authenticate.",
"enum": [
"ACTIVE",
"PASSWORD_EXPIRED",
"NOT_ACTIVATED"
],
"readonly": true,
"title": "User status",
"type": "string"
},
"userid": {
"maximum": 2147483647,
"minimum": 0,
"readonly": true,
"title": "Numeric id for the user",
"type": "integer"
},
"username": {
"maxLength": 32,
"minLength": 1,
"pattern": "^[a-zA-Z][a-zA-Z0-9@-_.\\-]*$",
"title": "User login name (must be \"root\" if userid is 0)",
"type": "string"
}
},
"title": "Node user properties",
"type": "object"
}
NodeUserPropertiesListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "NodeUserPropertiesListResult",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "NodeUserProperties
},
"required": true,
"title": "List of node users",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Node users list results",
"type": "object"
}
NodeUserSettings (type)
{
"additionalProperties": false,
"id": "NodeUserSettings",
"module_id": "FabricNode",
"properties": {
"audit_password": {
"description": "Password for the node audit user. For deployment, this property is required. After deployment, this property is ignored, and the node cli must be used to change the password. The password specified must be at least 12 characters in length and must contain at least one lowercase, one uppercase, one numeric character and one special character (except quotes). Passwords based on dictionary words and palindromes are invalid.",
"required": false,
"sensitive": true,
"title": "Node audit user password",
"type": "string"
},
"audit_username": {
"description": "The default username is \"audit\". To configure username, you must provide this property together with <b>audit_password</b>. Username must contain ASCII characters only.",
"pattern": "^[\\x00-\\x7F]+$",
"required": false,
"title": "CLI \"audit\" username",
"type": "string"
},
"cli_password": {
"description": "Password for the node cli user. For deployment, this property is required. After deployment, this property is ignored, and the node cli must be used to change the password. The password specified must be at least 12 characters in length and must contain at least one lowercase, one uppercase, one numeric character and one special character (except quotes). Passwords based on dictionary words and palindromes are invalid.",
"required": false,
"sensitive": true,
"title": "Node cli password",
"type": "string"
},
"cli_username": {
"default": "admin",
"description": "To configure username, you must provide this property together with <b>cli_password</b>. Username must contain ASCII characters only.",
"pattern": "^[\\x00-\\x7F]+$",
"required": false,
"title": "CLI \"admin\" username",
"type": "string"
},
"root_password": {
"description": "Password for the node root user. For deployment, this property is required. After deployment, this property is ignored, and the node cli must be used to change the password. The password specified must be at least 12 characters in length and must contain at least one lowercase, one uppercase, one numeric character and one special character (except quotes). Passwords based on dictionary words and palindromes are invalid.",
"required": false,
"sensitive": true,
"title": "Node root user password",
"type": "string"
}
},
"type": "object"
}
NodeVersion (type)
{
"additionalProperties": false,
"id": "NodeVersion",
"properties": {
"node_version": {
"readonly": true,
"title": "Node version",
"type": "string"
},
"product_version": {
"readonly": true,
"title": "Product version",
"type": "string"
}
},
"type": "object"
}
NsxRole (type)
{
"id": "NsxRole",
"module_id": "AAA",
"properties": {
"permissions": {
"deprecated": true,
"description": "Please use the /user-info/permissions api to get the permission that the user has on each feature.",
"items": {
"enum": [
"read-api",
"read-write-api",
"crud",
"read",
"execute",
"none"
],
"type": "string"
},
"required": false,
"title": "Permissions",
"type": "array"
},
"role": {
"description": "This field represents the identifier of the role. With the introduction of custom roles, this field is no longer an enum.",
"required": true,
"title": "Role ID",
"type": "string"
}
},
"title": "Role",
"type": "object"
}
NsxTDNSForwarderStatistics (type)
{
"description": "The current statistics counters of the DNS forwarder including cache usages and query numbers per forwarders, on an NSX-T type of enforcement point.",
"extends": {
"$ref": "DNSForwarderStatisticsPerEnforcementPoint
},
"id": "NsxTDNSForwarderStatistics",
"module_id": "PolicyDNSStatistics",
"polymorphic-type-descriptor": {
"type-identifier": "NsxTDNSForwarderStatistics"
},
"properties": {
"cached_entries": {
"readonly": true,
"title": "The total number of cached entries",
"type": "integer"
},
"conditional_forwarder_statistics": {
"items": {
"$ref": "NsxTDNSForwarderZoneStatistics
},
"maxItems": 5,
"minItems": 0,
"readonly": true,
"required": false,
"title": "The statistics of conditional forwarder zones",
"type": "array"
},
"configured_cache_size": {
"readonly": true,
"title": "The configured cache size, in kb",
"type": "integer"
},
"default_forwarder_statistics": {
"$ref": "NsxTDNSForwarderZoneStatistics,
"readonly": true,
"title": "The statistics of default forwarder zone"
},
"enforcement_point_path": {
"description": "Policy path referencing the enforcement point from where the statistics are fetched.",
"readonly": true,
"title": "Enforcement point path",
"type": "string"
},
"queries_answered_locally": {
"readonly": true,
"title": "The total number of queries answered from local cache",
"type": "integer"
},
"queries_forwarded": {
"readonly": true,
"title": "The total number of forwarded DNS queries",
"type": "integer"
},
"resource_type": {
"enum": [
"NsxTDNSForwarderStatistics"
],
"required": true,
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Time stamp of the current statistics, in ms"
},
"total_queries": {
"readonly": true,
"title": "The total number of received DNS queries",
"type": "integer"
},
"used_cache_statistics": {
"items": {
"$ref": "NsxTPerNodeUsedCacheStatistics
},
"maxItems": 2,
"minItems": 0,
"readonly": true,
"required": false,
"title": "The statistics of used cache",
"type": "array"
}
},
"title": "Statistics counters of the DNS forwarder",
"type": "object"
}
NsxTDNSForwarderStatus (type)
{
"description": "The current runtime status of the DNS forwarder.",
"extends": {
"$ref": "DNSForwarderStatusPerEnforcementPoint
},
"id": "NsxTDNSForwarderStatus",
"module_id": "PolicyDNSStatistics",
"polymorphic-type-descriptor": {
"type-identifier": "NsxTDNSForwarderStatus"
},
"properties": {
"enforcement_point_path": {
"description": "Policy path referencing the enforcement point from where the status is fetched.",
"readonly": true,
"title": "Enforcement point path",
"type": "string"
},
"extra_message": {
"readonly": true,
"required": false,
"title": "Extra message, if available",
"type": "string"
},
"resource_type": {
"enum": [
"NsxTDNSForwarderStatus"
],
"required": true,
"type": "string"
},
"status": {
"description": "UP means the DNS forwarder is working correctly on the active transport node and the stand-by transport node (if present). Failover will occur if either node goes down. DOWN means the DNS forwarder is down on both active transport node and standby node (if present). The DNS forwarder does not function in this situation. Error means there is some error on one or both transport node, or no status was reported from one or both transport nodes. The DNS forwarder may be working (or not working). NO_BACKUP means DNS forwarder is working in only one transport node, either because it is down on the standby node, or no standby is configured. An forwarder outage will occur if the active node goes down.",
"enum": [
"UP",
"DOWN",
"ERROR",
"NO_BACKUP",
"UNKNOWN"
],
"readonly": true,
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Time stamp of the current status, in ms"
}
},
"title": "The current runtime status of DNS forwarder",
"type": "object"
}
NsxTDNSForwarderZoneStatistics (type)
{
"description": "Statistics counters of the DNS forwarder zone.",
"id": "NsxTDNSForwarderZoneStatistics",
"module_id": "PolicyDNSStatistics",
"properties": {
"domain_names": {
"description": "Domain names configured for the forwarder. Empty if this is the default forwarder.",
"items": {
"type": "string"
},
"maxItems": 100,
"minItems": 0,
"readonly": true,
"title": "Domain names configured for the forwarder",
"type": "array"
},
"upstream_statistics": {
"items": {
"$ref": "NsxTUpstreamServerStatistics
},
"maxItems": 3,
"minItems": 0,
"readonly": true,
"required": false,
"title": "Statistics per upstream server.",
"type": "array"
}
},
"title": "Statistics counters of the DNS forwarder zone",
"type": "object"
}
NsxTDnsAnswer (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyDnsAnswerPerEnforcementPoint
},
"id": "NsxTDnsAnswer",
"module_id": "PolicyDnsForwarder",
"properties": {
"authoritative_answers": {
"items": {
"$ref": "NsxTDnsQueryAnswer
},
"maxItems": 256,
"minItems": 1,
"required": false,
"title": "Authoritative answers",
"type": "array"
},
"dns_server": {
"description": "Dns server ip address and port, format is \"ip address#port\".",
"required": true,
"title": "Dns server information",
"type": "string"
},
"edge_node_id": {
"description": "ID of the edge node that performed the query.",
"required": true,
"title": "Edge node id",
"type": "string"
},
"enforcement_point_path": {
"description": "Policy path referencing the enforcement point from where the DNS forwarder nslookup answer is fetched.",
"readonly": true,
"title": "Enforcement point path",
"type": "string"
},
"non_authoritative_answers": {
"items": {
"$ref": "NsxTDnsQueryAnswer
},
"maxItems": 256,
"minItems": 1,
"required": false,
"title": "Non authoritative answers",
"type": "array"
},
"raw_answer": {
"description": "It can be NXDOMAIN or error message which is not consisted of authoritative_answer or non_authoritative_answer.",
"required": false,
"title": "Raw message returned from the dns forwarder",
"type": "string"
},
"resource_type": {
"description": "Resource type of the DNS forwarder nslookup answer.",
"enum": [
"NsxTDnsAnswer"
],
"required": true,
"title": "Resource type",
"type": "string"
}
},
"title": "Answer of dns nslookup",
"type": "object"
}
NsxTDnsQueryAnswer (type)
{
"additionalProperties": false,
"id": "NsxTDnsQueryAnswer",
"module_id": "PolicyDnsForwarder",
"properties": {
"address": {
"description": "Resolved IP address matched with the nslookup address provided as a request parameter.",
"required": false,
"title": "Matched ip address",
"type": "string"
},
"name": {
"description": "Matched name of the given address.",
"required": false,
"title": "Matched name",
"type": "string"
}
},
"title": "Answer of nslookup",
"type": "object"
}
NsxTPerNodeUsedCacheStatistics (type)
{
"description": "Query statistics counters of used cache from node",
"id": "NsxTPerNodeUsedCacheStatistics",
"module_id": "PolicyDNSStatistics",
"properties": {
"cached_entries": {
"readonly": true,
"title": "The total number of cached entries",
"type": "integer"
},
"node_id": {
"readonly": true,
"title": "UUID of active/standby transport node",
"type": "string"
},
"used_cache_size": {
"readonly": true,
"title": "The memory size used in cache, in kb",
"type": "integer"
}
},
"title": "Per node used cache query statistics counters",
"type": "object"
}
NsxTUpstreamServerStatistics (type)
{
"description": "Query statistics counters to an upstream server including successfully forwarded queries and failed queries.",
"id": "NsxTUpstreamServerStatistics",
"module_id": "PolicyDNSStatistics",
"properties": {
"queries_failed": {
"readonly": true,
"title": "Queries failed to forward.",
"type": "integer"
},
"queries_succeeded": {
"readonly": true,
"title": "Queries forwarded successfully",
"type": "integer"
},
"upstream_server": {
"$ref": "IPAddress,
"readonly": true,
"title": "Upstream server ip"
}
},
"title": "Upstream server query statistics counters",
"type": "object"
}
NsxtNodeType (type)
{
"enum": [
"NSX_ESX",
"NSX_KVM",
"NSX_BAREMETAL_SERVER",
"NSX_EDGE",
"NSX_PUBLIC_CLOUD_GATEWAY",
"NSX_MANAGER",
"NSX_POLICY_MANAGER",
"NSX_CONTROLLER",
"GLOBAL_MANAGER"
],
"id": "NsxtNodeType",
"module_id": "PolicySha",
"title": "Valid NSX node type",
"type": "string"
}
NtpServiceProperties (type)
{
"additionalProperties": false,
"id": "NtpServiceProperties",
"properties": {
"servers": {
"items": {
"$ref": "HostnameOrIPv4Address
},
"required": true,
"title": "NTP servers",
"type": "array"
},
"start_on_boot": {
"default": true,
"required": false,
"title": "Start NTP service when system boots",
"type": "boolean"
}
},
"title": "NTP Service properties",
"type": "object"
}
ObjectRolePermissionGroup (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "ObjectRolePermissionGroup",
"module_id": "PolicyAuthz",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"inheritance_disabled": {
"default": false,
"required": false,
"title": "Does children of this object inherit this rule",
"type": "boolean"
},
"operation": {
"enum": [
"crud",
"read",
"execute",
"none"
],
"required": false,
"title": "Allowed operation",
"type": "string"
},
"path_prefix": {
"required": true,
"title": "Path prefix",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"role_name": {
"required": true,
"title": "Role name",
"type": "string"
},
"rule_disabled": {
"default": false,
"required": false,
"title": "Is rule disabled or not",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "RBAC Objects qualifier",
"type": "object"
}
ObjectRolePermissionGroupListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "ObjectRolePermissionGroupListRequestParameters",
"module_id": "PolicyAuthz",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"inheritance_disabled": {
"default": false,
"required": false,
"title": "Does children of this object inherit this rule",
"type": "boolean"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"path_prefix": {
"required": false,
"title": "Path prefix",
"type": "string"
},
"role_name": {
"required": false,
"title": "Role name",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "RBAC Objects qualifier",
"type": "object"
}
ObjectRolePermissionGroupListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ObjectRolePermissionGroupListResult",
"module_id": "PolicyAuthz",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ObjectRolePermissionGroup
},
"required": true,
"title": "ObjectRolePermissionGroup list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of RBAC Objects",
"type": "object"
}
OidcEndPoint (type)
{
"additionalProperties": false,
"description": "OpenID Connect end-point specifying where to fetch the JWKS document used to validate JWT tokens for TokenBasedPrincipalIdentities.",
"extends": {
"$ref": "ManagedResource
},
"id": "OidcEndPoint",
"module_id": "CertificateManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"authorization_endpoint": {
"description": "The URL of the OpenID provider's authorization endpoint.",
"readonly": true,
"required": false,
"title": "Authorization endpoint",
"type": "string"
},
"claims_supported": {
"description": "The list of claims that the OpenID provider supports.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Claims supported",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"issuer": {
"description": "Issuer of the JWT tokens for the given type. This field is fetched from the meta-data located at the oidc_uri.",
"readonly": true,
"required": false,
"title": "JWT token issuer",
"type": "string"
},
"jwks_uri": {
"description": "The URI where the JWKS document is located that has the key used to validate the JWT signature.",
"readonly": true,
"required": false,
"title": "URI of JWKS document",
"type": "string"
},
"name": {
"description": "A short, unique name for this OpenID Connect end-point. OIDC endpoint names may not contain spaces. If not provided, defaults to the ID of the OidcEndPoint.",
"required": false,
"title": "Unique name for this OpenID Connect end-point",
"type": "string"
},
"oidc_type": {
"default": "vcenter",
"description": "Type used to distinguish the OIDC end-points by IDP.",
"enum": [
"vcenter",
"ws_one"
],
"maxLength": 255,
"readonly": false,
"required": false,
"title": "OIDC Type",
"type": "string"
},
"oidc_uri": {
"description": "URI of the OpenID Connect end-point.",
"maxLength": 255,
"readonly": false,
"required": true,
"title": "OpenID Connect URI",
"type": "string"
},
"override_roles": {
"description": "When specified this role or roles are used instead of the nsx-role in the JWT",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Roles used instead of token roles",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"thumbprint": {
"description": "Thumbprint in SHA-256 format used to verify the server certificate at the URI.",
"maxLength": 255,
"readonly": false,
"required": true,
"title": "Thumbprint",
"type": "string"
},
"token_endpoint": {
"description": "The URL of the OpenID provider's token endpoint.",
"readonly": true,
"required": false,
"title": "Token endpoint",
"type": "string"
},
"userinfo_endpoint": {
"description": "The URL of the OpenID provider's userinfo endpoint.",
"readonly": true,
"required": false,
"title": "Userinfo endpoint",
"type": "string"
}
},
"title": "OpenID Connect end-point",
"type": "object"
}
OidcEndPointListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "OidcEndPointListResult",
"module_id": "CertificateManager",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "OidcEndPoint list.",
"items": {
"$ref": "OidcEndPoint
},
"readonly": true,
"required": true,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "OidcEndPoint query result",
"type": "object"
}
OidcRefreshParameter (type)
{
"additionalProperties": false,
"id": "OidcRefreshParameter",
"module_id": "CertificateManager",
"properties": {
"refresh": {
"default": false,
"description": "Whether to fetch and update the OIDC meta-data.",
"required": false,
"title": "Refresh meta-data",
"type": "boolean"
}
},
"type": "object"
}
OnboardingAttribute (type)
{
"description": "Generic config onboarding attributes in form attribute name and its corresponding values.",
"id": "OnboardingAttribute",
"module_id": "GmConfigOnboarding",
"properties": {
"name": {
"readonly": true,
"required": true,
"title": "Attribute name",
"type": "string"
},
"value": {
"readonly": true,
"required": false,
"title": "Attribute value",
"type": "string"
},
"value_type": {
"default": "STRING",
"enum": [
"STRING",
"INTEGER",
"BOOLEAN"
],
"readonly": true,
"required": false,
"title": "Attribute Type",
"type": "string"
}
},
"title": "Config Onboarding Attributes",
"type": "object"
}
OnboardingCompatibilityStatus (type)
{
"enum": [
"COMPATIBLE",
"INCOMPATIBLE"
],
"help": "Configuration onboarding compatibility status represents onboarding site's\nconfiguration compatibility on Global manager in order to keep overall\nsecurity posture unchanged.\nCOMPATIBLE - Onboarding site configuration is compatible with Global\n manager configuration and will not impact security posture\n upon configuration onboarding.\nINCOMPATIBLE - Onboarding site configuration is not compatible with Global\n manager configuration and will impact security posture upon\n configuration onboarding.\n",
"id": "OnboardingCompatibilityStatus",
"module_id": "GmConfigOnboarding",
"title": "Onboarding Compatibility Status",
"type": "string"
}
OnboardingConflictStatus (type)
{
"enum": [
"NO_CONFLICTS",
"CONFLICT_DETECTED"
],
"help": "Configuration onboarding conflict status on Global manager. Global manager\ncan have below status based on conflict in path between site configuration\nand global configuration.\nNO_CONFLICTS - No conflicts found between site configuration and\n global configuration.\nCONFLICT_DETECTED - One or more conflicts found between site configuration\n and global configuration\n",
"id": "OnboardingConflictStatus",
"module_id": "GmConfigOnboarding",
"title": "Onboarding Conflict Status",
"type": "string"
}
OnboardingFeatureInfo (type)
{
"description": "Feature information currently under process or refered to.",
"id": "OnboardingFeatureInfo",
"module_id": "GmConfigOnboarding",
"properties": {
"name": {
"readonly": true,
"required": false,
"title": "Feature Name",
"type": "string"
},
"path": {
"readonly": true,
"required": false,
"title": "Resource Path",
"type": "string"
},
"resource_type": {
"readonly": true,
"required": false,
"title": "Resource Type",
"type": "string"
}
},
"title": "Onboarding Feature Information",
"type": "object"
}
OnboardingStage (type)
{
"description": "Represents intermediate on-boarding stages on global manager or corresponding site manager.",
"enum": [
"LM_MIGRATION",
"LM_SYNCHRONIZATION",
"GM_PERSISTENCE",
"GM_TRANSFORMATION",
"GM_PROCESSING_DONE",
"GM_ROLLBACK",
"GM_ROLLBACK_DONE"
],
"id": "OnboardingStage",
"module_id": "GmConfigOnboarding",
"title": "Config onboarding stage",
"type": "string"
}
OnboardingStatus (type)
{
"enum": [
"ALLOWED",
"BLOCKED_FEATURE_CHECK",
"BLOCKED_CONFIG_CONFLICT_CHECK",
"BLOCKED_SITE_RESTORE_PENDING",
"BLOCKED_FULLSYNC_PENDING",
"BLOCKED_USER_REJECT",
"BLOCKED_SITE_NOT_REACHABLE",
"CONTINUE_RESOLUTION_NEEDED",
"IN_PROGRESS",
"FAILED_GM_ROLLBACK_IN_PROGRESS",
"SUCCESS"
],
"help": "Configuration onboarding status on Global manager. Currently Global manager\nallows below state transitions.\nALLOWED - Site onboarding is allowed for given\n site. This is initial state to begin site\n onboarding.\nBLOCKED_FEATURE_CHECK - Site onboarding cannot proceed due to\n supported feature mismatch against Global\n manager.\nBLOCKED_CONFIG_CONFLICT_CHECK - Site onboarding cannot proceed due to\n conflicts in onboarding configuration.\nBLOCKED_SITE_RESTORE_PENDING - Site onboarding cannot proceed due to\n pending restore operation on site.\nBLOCKED_FULLSYNC_PENDING - Site onboarding cannot proceed due to\n pending infra state sync to the site.\nBLOCKED_USER_REJECT - Site onboarding cannot proceed as per\n user preferences.\nBLOCKED_SITE_NOT_REACHABLE - Onboarding site is not reachable.\nCONTINUE_RESOLUTION_NEEDED - Site onboarding is allowed to proceed but\n conflict resolution is needed to start\n configuration onboarding successfully.\nIN_PROGRESS - Site onboarding process is in progress.\nFAILED_GM_ROLLBACK_IN_PROGRESS - Site onboarding process has failed and\n rollback operation on gloabl manager is\n in progress\nSUCCESS - Site onboarding process has successfully\n completed.\n",
"id": "OnboardingStatus",
"module_id": "GmConfigOnboarding",
"title": "Onboarding Status",
"type": "string"
}
OpenLdapIdentitySource (type)
{
"description": "An identity source service that runs OpenLDAP. The service allows selected user accounts defined in OpenLDAP to log into and access NSX-T.",
"extends": {
"$ref": "LdapIdentitySource
},
"id": "OpenLdapIdentitySource",
"module_id": "LdapIdentitySources",
"polymorphic-type-descriptor": {
"type-identifier": "OpenLdapIdentitySource"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alternative_domain_names": {
"description": "After parsing the \"user@domain\", the domain portion is used to select the LDAP identity source to use. Additional domains listed here will also be directed to this LDAP identity source. In Active Directory these are sometimes referred to as Alternative UPN Suffixes.",
"items": {
"type": "string"
},
"title": "Additional domains to be directed to this identity source",
"type": "array"
},
"base_dn": {
"description": "The subtree of the LDAP identity source to search when locating users and groups.",
"required": true,
"title": "DN of subtree for user and group searches",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"domain_name": {
"description": "The name of the authentication domain. When users log into NSX using an identity of the form \"user@domain\", NSX uses the domain portion to determine which LDAP identity source to use.",
"required": true,
"title": "Authentication domain name",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ldap_servers": {
"description": "The list of LDAP servers that provide LDAP service for this identity source. Currently, only one LDAP server is supported.",
"items": {
"$ref": "IdentitySourceLdapServer
},
"maxItems": 3,
"title": "LDAP servers for this identity source",
"type": "array"
},
"resource_type": {
"enum": [
"ActiveDirectoryIdentitySource",
"OpenLdapIdentitySource"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "An OpenLDAP identity source service",
"type": "object"
}
OpsGlobalConfig (type)
{
"additionalProperties": false,
"description": "Global Operations configuration.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "OpsGlobalConfig",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"in_band_network_telementry": {
"$ref": "DscpIndicator,
"description": "Specify the In-band network telemetry (INT) configuration config in a NSX domain. Set(resp. Unset) this configuration to enable(resp. disable) traceflow on VLAN logical network.",
"required": false,
"title": "The details of INT global configurations"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"operation_collectors": {
"description": "The operation collector is defined to receive stats from hosts. The VRNI and WAVE_FRONT collector type can be defined to collect the metric data. The WAVE_FRONT collector type can only be used in VMC mode.",
"items": {
"$ref": "GlobalCollectorConfig
},
"required": false,
"title": "Operation global collector config",
"type": "array"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Global Operations configuration",
"type": "object"
}
OspfAreaConfig (type)
{
"additionalProperties": false,
"description": "Contains OSPF Area configuration.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "OspfAreaConfig",
"module_id": "PolicyOspf",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"area_id": {
"description": "OSPF area-id either in decimal or dotted format.",
"required": true,
"title": "OSPF area id",
"type": "string"
},
"area_type": {
"default": "NORMAL",
"description": "Configures OSPF area with defined area type. If area_type field not specified, default is NSSA.",
"enum": [
"NORMAL",
"NSSA"
],
"required": false,
"title": "OSPF area type",
"type": "string"
},
"authentication": {
"$ref": "OspfAuthenticationConfig,
"description": "Enables/Disables authentication for an OSPF area.",
"title": "OSPF area authentication configuration"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "OSPF Area config",
"type": "object"
}
OspfAuthenticationConfig (type)
{
"additionalProperties": false,
"description": "Enables OSPF authentication with specified mode and password.",
"id": "OspfAuthenticationConfig",
"module_id": "PolicyOspf",
"properties": {
"key_id": {
"description": "Authentication secret key id is mandatory for type md5 with min value of 1 and max value 255.",
"maximum": 255,
"minimum": 1,
"required": false,
"sensitive": true,
"title": "Authentication secret key id",
"type": "integer"
},
"mode": {
"default": "NONE",
"description": "If mode is MD5 or PASSWORD, Authentication secret key is mandatory if mode is NONE, then authentication is disabled.",
"enum": [
"NONE",
"PASSWORD",
"MD5"
],
"required": false,
"title": "Authentication mode",
"type": "string"
},
"secret_key": {
"description": "Authentication secret is mandatory for type password and md5 with min length of 1 and max length 8.",
"required": false,
"sensitive": true,
"title": "Authentication secret key",
"type": "string"
}
},
"title": "OSPF Authentication Configuration",
"type": "object"
}
OspfRoutingConfig (type)
{
"additionalProperties": false,
"description": "Contains OSPF routing configurations.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "OspfRoutingConfig",
"module_id": "PolicyOspf",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"default_originate": {
"default": false,
"description": "Flag to enable/disable advertisement of default route into OSPF domain. The default route should be present in the edge only then it redistributes the same into OSPF domain only if this flag is set to TRUE.",
"required": false,
"title": "Flag to enable/disable advertisement of default route",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"ecmp": {
"default": true,
"description": "Flag to enable ECMP.",
"required": false,
"title": "Flag to enable ECMP",
"type": "boolean"
},
"enabled": {
"default": false,
"description": "Flag to enable OSPF routing protocol. Disabling will stop feature and OSPF peering.",
"required": false,
"title": "Flag to enable OSPF routing protocol",
"type": "boolean"
},
"graceful_restart_mode": {
"default": "HELPER_ONLY",
"description": "Configuration field to hold OSPF Restart mode .",
"enum": [
"DISABLE",
"HELPER_ONLY"
],
"title": "OSPF Graceful Restart Mode Configuration",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"summary_addresses": {
"description": "List of summary address configruation to summarize or filter external routes based on the setting of advertise flag in each OspfSummaryAddressConfig",
"items": {
"$ref": "OspfSummaryAddressConfig
},
"maxItems": 1000,
"required": false,
"title": "List of OSPF summary address configuration to summarize external routes",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "OSPF routing config",
"type": "object"
}
OspfSummaryAddressConfig (type)
{
"additionalProperties": false,
"description": "OSPF summary address configuration to summarize external routes",
"id": "OspfSummaryAddressConfig",
"module_id": "PolicyOspf",
"properties": {
"advertise": {
"default": true,
"description": "Used to filter the advertisement of external routes into the OSPF domain. Setting this field to \"TRUE\" will enable the summarization of external routes that are covered by ip_prefix configuration. Setting this field to \"FALSE\" will filter the advertisement of external routes that are covered by ip_prefix configuration.",
"required": false,
"title": "Flag to enable/disable summarization of external routes",
"type": "boolean"
},
"prefix": {
"format": "ip-cidr-block",
"required": true,
"title": "OSPF Summary address in CIDR format",
"type": "string"
}
},
"title": "OSPF Summary Address Configuration",
"type": "object"
}
OverriddenResource (type)
{
"additionalProperties": false,
"description": "Represents which federated global resources have been overrriden on a specific Site.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "OverriddenResource",
"module_id": "PolicyOverrides",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"intent_path": {
"description": "Policy resource path of the overridden resource.",
"readonly": true,
"title": "Policy resource path of the overridden resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"site_path": {
"description": "Site path to the specific site that has overridden the global resource.",
"readonly": true,
"title": "Site path",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Represents overridden resource information for federated entity.",
"type": "object"
}
OverriddenResourceListResult (type)
{
"additionalProperties": false,
"description": "Paged Collection of OverriddenResource.",
"extends": {
"$ref": "ListResult
},
"id": "OverriddenResourceListResult",
"module_id": "PolicyOverrides",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "OverriddenResource list results.",
"items": {
"$ref": "OverriddenResource
},
"required": true,
"title": "OverriddenResource list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of OverriddenResource",
"type": "object"
}
OverrideDeleteRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DeleteRequestParameters
},
"id": "OverrideDeleteRequestParameters",
"module_id": "Policy",
"properties": {
"force": {
"default": false,
"description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.",
"title": "Force delete the resource even if it is being used somewhere\n",
"type": "boolean"
},
"override": {
"default": false,
"description": "If true, the overridden object can be deleted locally. This will restore the global resource as the intended configuration for this site.",
"required": false,
"title": "Delete the locally overriden global object",
"type": "boolean"
}
},
"title": "Override delete request parameters",
"type": "object"
}
OverrideListRequestParameters (type)
{
"additionalProperties": false,
"description": "Parameter to filter overridden resource list by intent path or site path or both.",
"id": "OverrideListRequestParameters",
"module_id": "PolicyOverrides",
"properties": {
"intent_path": {
"required": false,
"title": "Global resource path",
"type": "string"
},
"site_path": {
"required": false,
"title": "Site path",
"type": "string"
}
},
"title": "Override list request parameters",
"type": "object"
}
OverrideRequestParameters (type)
{
"additionalProperties": false,
"id": "OverrideRequestParameters",
"module_id": "Policy",
"properties": {
"override": {
"default": false,
"description": "If true, the global resource can be over written locally. This means that there will be a local only resource in place of the global resource that can reflect local specific settings and values. The global object will continue to exist but will not be used for any configuration until this local object is removed. When the object is overridden the Global resource continues to exist unmodified, while the overridden object is created with all of the user specified values. The Global resource may be updated in the background, however, the overridden object may only be updated by the user. Once the user removes the overridden copy, the Global resource will then resume being used in the configuration.",
"required": false,
"title": "Locally override the global object",
"type": "boolean"
}
},
"title": "Override request parameters",
"type": "object"
}
PIServiceType (type)
{
"enum": [
"LOCAL_MANAGER",
"GLOBAL_MANAGER"
],
"id": "PIServiceType",
"module_id": "CertificateManager",
"title": "Service type supported for Principal Identities",
"type": "string"
}
PackageLoggingLevels (type)
{
"additionalProperties": false,
"id": "PackageLoggingLevels",
"properties": {
"logging_level": {
"enum": [
"OFF",
"FATAL",
"ERROR",
"WARN",
"INFO",
"DEBUG",
"TRACE"
],
"title": "Logging levels per package",
"type": "string"
},
"package_name": {
"title": "Package name",
"type": "string"
}
},
"type": "object"
}
PacketAddressClassifier (type) (Deprecated)
{
"deprecated": true,
"description": "A packet is classified to have an address binding, if its address configuration matches with all user specified properties.",
"id": "PacketAddressClassifier",
"module_id": "Switching",
"properties": {
"ip_address": {
"$ref": "IPElement,
"required": false,
"title": "A single IP address or a subnet, e.g. x.x.x.x or x.x.x.x/y"
},
"mac_address": {
"$ref": "MACAddress,
"required": false,
"title": "A single MAC address"
},
"vlan": {
"$ref": "VlanID,
"required": false
}
},
"title": "Address classifications for a packet",
"type": "object"
}
PacketData (type)
{
"abstract": true,
"id": "PacketData",
"module_id": "Traceflow",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"frame_size": {
"default": 128,
"description": "If the requested frame_size is too small (given the payload and traceflow metadata requirement of 16 bytes), the traceflow request will fail with an appropriate message. The frame will be zero padded to the requested size.",
"maximum": 1000,
"minimum": 60,
"required": false,
"title": "Requested total size of the (logical) packet in bytes",
"type": "integer"
},
"resource_type": {
"default": "FieldsPacketData",
"enum": [
"BinaryPacketData",
"FieldsPacketData"
],
"required": true,
"title": "Packet configuration",
"type": "string"
},
"routed": {
"required": false,
"title": "A flag, when set true, indicates that the traceflow packet is of L3 routing.",
"type": "boolean"
},
"transport_type": {
"default": "UNICAST",
"description": "This type takes effect only for IP packet.",
"enum": [
"BROADCAST",
"UNICAST",
"MULTICAST",
"UNKNOWN"
],
"required": false,
"title": "transport type of the traceflow packet",
"type": "string"
}
},
"type": "object"
}
PacketTypeAndCounter (type)
{
"id": "PacketTypeAndCounter",
"module_id": "AggSvcL2Types",
"properties": {
"counter": {
"required": true,
"title": "The number of packets.",
"type": "integer"
},
"packet_type": {
"required": true,
"title": "The type of the packets",
"type": "string"
}
},
"type": "object"
}
PacketsDroppedBySecurity (type)
{
"id": "PacketsDroppedBySecurity",
"module_id": "AggSvcL2Types",
"properties": {
"bpdu_filter_dropped": {
"required": false,
"title": "The number of packets dropped by \"BPDU filter\".",
"type": "integer"
},
"dhcp_client_dropped_ipv4": {
"required": false,
"title": "The number of IPv4 packets dropped by \"DHCP client block\".",
"type": "integer"
},
"dhcp_client_dropped_ipv6": {
"required": false,
"title": "The number of IPv6 packets dropped by \"DHCP client block\".",
"type": "integer"
},
"dhcp_server_dropped_ipv4": {
"required": false,
"title": "The number of IPv4 packets dropped by \"DHCP server block\".",
"type": "integer"
},
"dhcp_server_dropped_ipv6": {
"required": false,
"title": "The number of IPv6 packets dropped by \"DHCP server block\".",
"type": "integer"
},
"spoof_guard_dropped": {
"items": {
"$ref": "PacketTypeAndCounter
},
"required": false,
"title": "The packets dropped by \"Spoof Guard\"; supported packet types are IPv4, IPv6, ARP, ND, non-IP.",
"type": "array"
}
},
"type": "object"
}
PartialPatchConfig (type)
{
"additionalProperties": false,
"description": "This object allows enabling or disabling of partial patch functionality. Enabling partial patch allows patching of a subset of the fields of any object. After enabling partial patching, any object payload provided will be merged with the existing object payload. Note that while all mandatory fields are expected to be provided during the creation of any object, enabling partial patch will allow patching of existing objects with a subset of mandatory fields.",
"id": "PartialPatchConfig",
"module_id": "PolicySystemConfig",
"properties": {
"enable_partial_patch": {
"description": "boolean value used to enable/disable partial patch",
"required": true,
"title": "This object will contain the partial patch configuration.",
"type": "boolean"
}
},
"title": "Contains configuration for Partial patch.",
"type": "object"
}
PasswordAuthenticationScheme (type)
{
"additionalProperties": false,
"extends": {
"$ref": "AuthenticationScheme
},
"id": "PasswordAuthenticationScheme",
"properties": {
"password": {
"required": true,
"sensitive": true,
"title": "Password to authenticate with",
"type": "string"
},
"scheme_name": {
"enum": [
"password"
],
"required": true,
"title": "Authentication scheme name",
"type": "string"
},
"username": {
"pattern": "^.+$",
"required": true,
"title": "User name to authenticate with",
"type": "string"
}
},
"type": "object"
}
PatchResources (type)
{
"additionalProperties": false,
"description": "Patch Resources is an action to create/patch resources in response to an event.",
"extends": {
"$ref": "Action
},
"id": "PatchResources",
"module_id": "PolicyReaction",
"polymorphic-type-descriptor": {
"type-identifier": "PatchResources"
},
"properties": {
"body": {
"description": "Patch body representing a Hierarchical Patch payload. The resources included in the body are patched replacing the injections' keys with their actual values.",
"required": true,
"title": "Body",
"type": "object"
},
"injections": {
"description": "Injections holding keys (variables) and their corresponding values.",
"items": {
"$ref": "Injection
},
"minItems": 1,
"title": "Injections",
"type": "array"
},
"resource_type": {
"description": "Reaction Action resource type.",
"enum": [
"PatchResources",
"SetFields"
],
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "Patch Resources",
"type": "object"
}
PathExpression (type)
{
"additionalProperties": false,
"description": "Represents policy path expressions in the form of an array, to support addition of objects like groups, segments and policy logical ports in a group.",
"extends": {
"$ref": "Expression
},
"id": "PathExpression",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "PathExpression"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"paths": {
"description": "This array can consist of one or more policy paths. Only policy paths of groups, segments and policy logical ports are allowed.",
"items": {
"type": "string"
},
"minItems": 1,
"required": true,
"title": "Array of policy paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Group"
],
"relationshipType": "NESTED_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"Group"
],
"relationshipType": "GROUP_SEGMENTPORT_RELATIONSHIP",
"rightType": [
"SegmentPort"
]
},
{
"leftType": [
"Group"
],
"relationshipType": "GROUP_SEGMENT_RELATIONSHIP",
"rightType": [
"Segment"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"enum": [
"Condition",
"ConjunctionOperator",
"NestedExpression",
"IPAddressExpression",
"MACAddressExpression",
"ExternalIDExpression",
"PathExpression",
"IdentityGroupExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Path expression node",
"type": "object"
}
PathPermissionGroup (type)
{
"additionalProperties": false,
"id": "PathPermissionGroup",
"module_id": "PolicyAuthz",
"properties": {
"object_path": {
"required": true,
"title": "Full Object Path",
"type": "string"
},
"operation": {
"enum": [
"crud",
"read",
"execute",
"none"
],
"required": true,
"title": "Allowed operation",
"type": "string"
}
},
"title": "RBAC Objects qualifier",
"type": "object"
}
PeerCertificateChain (type)
{
"additionalProperties": false,
"description": "The certificate chain presented by a remote TLS service.",
"id": "PeerCertificateChain",
"module_id": "CertificateManager",
"properties": {
"details": {
"description": "List of X509Certificates.",
"items": {
"$ref": "X509Certificate
},
"readonly": true,
"required": false,
"type": "array"
},
"pem_encoded": {
"description": "PEM encoded certificate data.",
"readonly": false,
"required": true,
"type": "string"
}
},
"title": "A peer's certificate chain",
"type": "object"
}
PemFile (type)
{
"additionalProperties": false,
"id": "PemFile",
"module_id": "CertificateManager",
"properties": {
"file": {
"required": true,
"title": "file data",
"type": "multipart_file"
}
},
"type": "object"
}
PendingChangesInfoNsxT (type)
{
"additionalProperties": false,
"description": "Information about recent changes, if any, that are not reflected in the Enforced Realized Status.",
"id": "PendingChangesInfoNsxT",
"module_id": "PolicyRealizationStatus",
"properties": {
"pending_changes_flag": {
"description": "Flag describing whether there are any pending changes that are not reflected in the status.",
"readonly": true,
"title": "Pending Changes Flag",
"type": "boolean"
}
},
"title": "NSX-T Pending Change Info",
"type": "object"
}
PerStepRestoreStatus (type)
{
"id": "PerStepRestoreStatus",
"module_id": "ClusterRestore",
"properties": {
"description": {
"readonly": true,
"required": true,
"title": "A description of the restore status",
"type": "string"
},
"value": {
"enum": [
"INITIAL",
"RUNNING",
"SUSPENDED_BY_USER",
"SUSPENDED_FOR_USER_ACTION",
"FAILED",
"SUCCESS"
],
"readonly": true,
"required": true,
"title": "Per step restore status value",
"type": "string"
}
},
"title": "Restore step status",
"type": "object"
}
PlainFilterData (type)
{
"additionalProperties": false,
"extends": {
"$ref": "LiveTraceFilterData
},
"id": "PlainFilterData",
"module_id": "LiveTrace",
"polymorphic-type-descriptor": {
"type-identifier": "PlainFilterData"
},
"properties": {
"basic_filter": {
"required": false,
"title": "Basic RCF rule for packet filter",
"type": "string"
},
"extend_filter": {
"required": false,
"title": "Extended RCF rule for packet filter",
"type": "string"
},
"resource_type": {
"default": "FieldsFilterData",
"enum": [
"FieldsFilterData",
"PlainFilterData"
],
"required": true,
"title": "Filter type",
"type": "string"
}
},
"type": "object"
}
PointDefinition (type)
{
"additionalProperties": false,
"description": "Defines the point of a graph.",
"id": "PointDefinition",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"title": "Id of drilldown widget",
"type": "string"
},
"field": {
"description": "An expression that represents the points of the graph",
"required": true,
"title": "Expression for points of the graph",
"type": "string"
},
"navigation": {
"description": "Hyperlink of the specified UI page that provides details.",
"maxLength": 1024,
"title": "Navigation to a specified UI page",
"type": "string"
},
"tooltip": {
"description": "Multi-line text to be shown on tooltip while hovering over the point of a graph.",
"items": {
"$ref": "Tooltip
},
"minItems": 0,
"title": "Multi-line tooltip",
"type": "array"
},
"x_value": {
"description": "Represents the variable for the X value of points that are plotted on the graph.",
"required": true,
"title": "Variable chosen for X value of the point of the graph",
"type": "string"
},
"y_value": {
"description": "Represents the variable for the Y value of points that are plotted on the graph.",
"required": true,
"title": "Variable chosen for Y value of the point of the graph",
"type": "string"
}
},
"title": "Definition of a point of graph",
"type": "object"
}
Policy (type)
{
"additionalProperties": false,
"description": "Ordered list of Rules. This object is created by default along with the Domain.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Policy",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"category": {
"description": "- Distributed Firewall - Policy framework provides five pre-defined categories for classifying a security policy. They are \"Ethernet\",\"Emergency\", \"Infrastructure\" \"Environment\" and \"Application\". There is a pre-determined order in which the policy framework manages the priority of these security policies. Ethernet category is for supporting layer 2 firewall rules. The other four categories are applicable for layer 3 rules. Amongst them, the Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a security policy into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four categories. - Edge Firewall - Policy Framework for Edge Firewall provides six pre-defined categories \"Emergency\", \"SystemRules\", \"SharedPreRules\", \"LocalGatewayRules\", \"AutoServiceRules\" and \"Default\", in order of priority of rules. All categories are allowed for Gatetway Policies that belong to 'default' Domain. However, for user created domains, category is restricted to \"SharedPreRules\" or \"LocalGatewayRules\" only. Also, the users can add/modify/delete rules from only the \"SharedPreRules\" and \"LocalGatewayRules\" categories. If user doesn't specify the category then defaulted to \"Rules\". System generated category is used by NSX created rules, for example BFD rules. Autoplumbed category used by NSX verticals to autoplumb data path rules. Finally, \"Default\" category is the placeholder default rules with lowest in the order of priority.",
"required": false,
"title": "A way to classify a security policy, if needed.",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"comments": {
"description": "Comments for security policy lock/unlock.",
"readonly": false,
"required": false,
"title": "SecurityPolicy lock/unlock comments",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"internal_sequence_number": {
"description": "This field is to indicate the internal sequence number of a policy with respect to the policies across categories.",
"readonly": true,
"title": "Internal sequence number",
"type": "int"
},
"is_default": {
"description": "A flag to indicate whether policy is a default policy.",
"readonly": true,
"required": false,
"title": "Default policy flag",
"type": "boolean"
},
"lock_modified_by": {
"description": "ID of the user who last modified the lock for the secruity policy.",
"readonly": true,
"required": false,
"title": "User who locked the security policy",
"type": "string"
},
"lock_modified_time": {
"$ref": "EpochMsTimestamp,
"description": "SecurityPolicy locked/unlocked time in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "SecuirtyPolicy locked/unlocked time"
},
"locked": {
"default": false,
"description": "Indicates whether a security policy should be locked. If the security policy is locked by a user, then no other user would be able to modify this security policy. Once the user releases the lock, other users can update this security policy.",
"required": false,
"title": "Lock a security policy",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_count": {
"description": "The count of rules in the policy.",
"readonly": true,
"title": "Rule count",
"type": "int"
},
"scheduler_path": {
"description": "Provides a mechanism to apply the rules in this policy for a specified time duration.",
"readonly": false,
"required": false,
"title": "Path to the scheduler for time based scheduling",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SECURITY_POLICY_SCHEDULER_RELATIONSHIP",
"rightType": [
"PolicyFirewallScheduler"
]
}
]
},
"scope": {
"description": "The list of group paths where the rules in this policy will get applied. This scope will take precedence over rule level scope. Supported only for security and redirection policies. In case of RedirectionPolicy, it is expected only when the policy is NS and redirecting to service chain.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"PolicyLabel"
]
},
{
"leftType": [
"RedirectionPolicy"
],
"relationshipType": "REDIRECTION_COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"Tier1",
"Tier0"
]
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between security policies across domains. In order to change the sequence number of a policy one can fire a POST request on the policy entity with a query parameter action=revise The sequence number field will reflect the value of the computed sequence number upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several security policies, the only way to set the sequence number is to explicitly specify the sequence number for each security policy. If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple policies with the same sequence number then their order is not deterministic. If a specific order of policies is desired, then one has to specify unique sequence numbers or use the POST request on the policy entity with a query parameter action=revise to let the framework assign a sequence number. The value of sequence number must be between 0 and 999,999.",
"minimum": 0,
"title": "Sequence number to resolve conflicts across Domains",
"type": "int"
},
"stateful": {
"description": "Stateful or Stateless nature of security policy is enforced on all rules in this security policy. When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Layer3 security policies can be stateful or stateless. By default, they are stateful. Layer2 security policies can only be stateless.",
"readonly": false,
"required": false,
"title": "Stateful nature of the entries within this security policy.",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_strict": {
"description": "Ensures that a 3 way TCP handshake is done before the data packets are sent. tcp_strict=true is supported only for stateful security policies. If the tcp_strict flag is not specified and the security policy is stateful, then tcp_strict will be set to true.",
"readonly": false,
"required": false,
"title": "Enforce strict tcp handshake before allowing data packets",
"type": "boolean"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Contains ordered list of Rules",
"type": "object"
}
PolicyAlarmResource (type)
{
"description": "Alarm base class of realized policy object",
"extends": {
"$ref": "PolicyResource
},
"id": "PolicyAlarmResource",
"module_id": "PolicyRealizedState",
"polymorphic-type-descriptor": {
"type-identifier": "PolicyAlarmResource"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"error_details": {
"$ref": "PolicyApiError,
"required": false,
"title": "Detailed information about errors from an API call made to the\nenforcement point, if any.\n"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"message": {
"required": false,
"title": "error message to describe the issue",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"source_reference": {
"required": false,
"title": "path of the object on which alarm is created",
"type": "string"
},
"source_site_id": {
"description": "This field will refer to the source site on which the alarm is generated. This field is populated by GM, when it receives corresponding notification from LM.",
"readonly": true,
"required": false,
"title": "source site(LM) id.",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Alarm base class of realized policy object",
"type": "object"
}
PolicyAlarmResourceListRequestParameters (type)
{
"additionalProperties": false,
"description": "PolicyAlarmResource list request parameters",
"extends": {
"$ref": "ListRequestParameters
},
"id": "PolicyAlarmResourceListRequestParameters",
"module_id": "PolicyRealizedState",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "PolicyAlarmResource list request parameters",
"type": "object"
}
PolicyAlarmResourceListResult (type)
{
"additionalProperties": false,
"description": "PolicyAlarmResource list result",
"extends": {
"$ref": "ListResult
},
"id": "PolicyAlarmResourceListResult",
"module_id": "PolicyRealizedState",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of alarm resources",
"items": {
"$ref": "PolicyAlarmResource
},
"required": false,
"title": "Paged Collection of PolicyAlarmResources",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "PolicyAlarmResource list result",
"type": "object"
}
PolicyApiError (type)
{
"extends": {
"$ref": "PolicyRelatedApiError
},
"id": "PolicyApiError",
"module_id": "PolicyRealizedState",
"properties": {
"details": {
"title": "Further details about the error",
"type": "string"
},
"error_code": {
"title": "A numeric error code",
"type": "integer"
},
"error_data": {
"title": "Additional data about the error",
"type": "object"
},
"error_message": {
"title": "A description of the error",
"type": "string"
},
"module_name": {
"title": "The module name where the error occurred",
"type": "string"
},
"related_errors": {
"items": {
"$ref": "PolicyRelatedApiError
},
"title": "Other errors related to this error",
"type": "array"
}
},
"title": "Detailed information about an API Error",
"type": "object"
}
PolicyArpProxyEntry (type)
{
"additionalProperties": false,
"id": "PolicyArpProxyEntry",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"arp_proxy_ip": {
"description": "ARP proxy information for a service with ip.",
"items": {
"$ref": "IPAddress
},
"readonly": true,
"required": false,
"title": "Array of ARP proxy service address",
"type": "array"
},
"service_id": {
"description": "Identifier of connected service on port.",
"readonly": true,
"required": false,
"title": "Service type id",
"type": "string"
}
},
"type": "object"
}
PolicyArpProxyTableCsvListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "CsvListResult
},
"id": "PolicyArpProxyTableCsvListResult",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"results": {
"items": {
"$ref": "InterfaceArpProxyCsvEntry
},
"required": false,
"type": "array"
}
},
"type": "object"
}
PolicyArpProxyTableListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyArpProxyTableListResult",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "InterfaceArpProxy
},
"readonly": true,
"required": false,
"title": "Paginated list of Gateway interface ARP proxy tables",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
PolicyAttributes (type)
{
"additionalProperties": false,
"id": "PolicyAttributes",
"module_id": "PolicyContextProfile",
"properties": {
"attribute_source": {
"default": "SYSTEM",
"enum": [
"SYSTEM",
"CUSTOM"
],
"required": false,
"title": "Source of attribute value i.e whether system defined or custom value",
"type": "string"
},
"datatype": {
"enum": [
"STRING"
],
"required": true,
"title": "Datatype for attribute",
"type": "string"
},
"description": {
"required": false,
"title": "Description for attribute value",
"type": "string"
},
"isALGType": {
"description": "Describes whether the APP_ID value is ALG type or not.",
"required": false,
"title": "Is the value ALG type",
"type": "boolean"
},
"key": {
"description": "URL_Reputation is currently not available. Please do not use it in Attribute Key while creating context profile",
"enum": [
"APP_ID",
"DOMAIN_NAME",
"URL_CATEGORY",
"URL_REPUTATION",
"CUSTOM_URL"
],
"required": true,
"title": "Key for attribute",
"type": "string"
},
"metadata": {
"description": "This is optional part that can hold additional data about the attribute key/values. Example - For URL CATEGORY key , it specified super category for url category value. This is generic array and can hold multiple meta information about key/values in future",
"items": {
"$ref": "ContextProfileAttributesMetadata
},
"required": false,
"title": "Provide additional meta information about key/values",
"type": "array"
},
"sub_attributes": {
"items": {
"$ref": "PolicySubAttributes
},
"required": false,
"title": "Reference to sub attributes for the attribute",
"type": "array"
},
"value": {
"description": "Multiple attribute values can be specified as elements of array.",
"items": {
"type": "string"
},
"minItems": 1,
"required": true,
"title": "Value for attribute key",
"type": "array",
"uniqueItems": true
}
},
"title": "Policy Attributes data holder",
"type": "object"
}
PolicyBasedIPSecVpnSession (type)
{
"additionalProperties": false,
"description": "A Policy Based VPN requires to define protect rules that match local and peer subnets. IPSec security associations is negotiated for each pair of local and peer subnet.",
"extends": {
"$ref": "IPSecVpnSession
},
"id": "PolicyBasedIPSecVpnSession",
"module_id": "PolicyVpnIPSecVpn",
"polymorphic-type-descriptor": {
"type-identifier": "PolicyBasedIPSecVpnSession"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"authentication_mode": {
"default": "PSK",
"description": "Peer authentication mode. PSK - In this mode a secret key shared between local and peer sites is to be used for authentication. The secret key can be a string with a maximum length of 128 characters. CERTIFICATE - In this mode a certificate defined at the global level is to be used for authentication.",
"enum": [
"PSK",
"CERTIFICATE"
],
"title": "Authentication Mode",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"compliance_suite": {
"description": "Compliance suite.",
"enum": [
"CNSA",
"SUITE_B_GCM_128",
"SUITE_B_GCM_256",
"PRIME",
"FOUNDATION",
"FIPS",
"NONE"
],
"title": "Compliance suite",
"type": "string"
},
"connection_initiation_mode": {
"default": "INITIATOR",
"description": "Connection initiation mode used by local endpoint to establish ike connection with peer site. INITIATOR - In this mode local endpoint initiates tunnel setup and will also respond to incoming tunnel setup requests from peer gateway. RESPOND_ONLY - In this mode, local endpoint shall only respond to incoming tunnel setup requests. It shall not initiate the tunnel setup. ON_DEMAND - In this mode local endpoint will initiate tunnel creation once first packet matching the policy rule is received and will also respond to incoming initiation request.",
"enum": [
"INITIATOR",
"RESPOND_ONLY",
"ON_DEMAND"
],
"title": "Connection initiation mode",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dpd_profile_path": {
"description": "Policy path referencing Dead Peer Detection (DPD) profile. Default is set to system default profile.",
"title": "Dead peer detection (DPD) profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_DPD_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnDpdProfile"
]
},
{
"leftType": [
"RouteBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_DPD_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnDpdProfile"
]
}
]
},
"enabled": {
"default": true,
"description": "Enable/Disable IPSec VPN session.",
"title": "Enable/Disable IPSec VPN session",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ike_profile_path": {
"description": "Policy path referencing IKE profile to be used. Default is set according to system default profile.",
"title": "Internet key exchange (IKE) profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_IKE_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnIkeProfile"
]
},
{
"leftType": [
"RouteBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_IKE_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnIkeProfile"
]
}
]
},
"local_endpoint_path": {
"description": "Policy path referencing Local endpoint. This property is mandatory on LM. It is required on GM only in case of site_overrides property not provided.",
"required": false,
"title": "Local endpoint path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_LOCAL_ENDPOINT_RELATIONSHIP",
"rightType": [
"IPSecVpnLocalEndpoint"
]
},
{
"leftType": [
"RouteBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_LOCAL_ENDPOINT_RELATIONSHIP",
"rightType": [
"IPSecVpnLocalEndpoint"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"peer_address": {
"description": "Public IPV4 address of the remote device terminating the VPN connection. This property is mandatory on LM. It is required on GM only in case of site_overrides property not provided.",
"required": false,
"title": "IPV4 address of peer endpoint on remote site",
"type": "string"
},
"peer_id": {
"description": "Peer ID to uniquely identify the peer site. The peer ID is the public IP address of the remote device terminating the VPN tunnel. When NAT is configured for the peer, enter the private IP address of the peer. This property is mandatory on LM. It is required on GM only in case of site_overrides property not provided.",
"required": false,
"title": "Peer id",
"type": "string"
},
"psk": {
"description": "IPSec Pre-shared key. Maximum length of this field is 128 characters.",
"sensitive": true,
"title": "Pre-shared key",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"$ref": "IPSecVpnSessionResourceType,
"required": true
},
"rules": {
"items": {
"$ref": "IPSecVpnRule
},
"minItems": 1,
"required": true,
"title": "Rules",
"type": "array"
},
"site_overrides": {
"description": "A collection of site specific attributes specificed only on GM",
"items": {
"$ref": "SiteOverride
},
"maxItems": 128,
"required": false,
"title": "SiteOverride list",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_mss_clamping": {
"$ref": "TcpMaximumSegmentSizeClamping,
"description": "TCP Maximum Segment Size Clamping Direction and Value.",
"title": "TCP MSS Clamping"
},
"tunnel_profile_path": {
"description": "Policy path referencing Tunnel profile to be used. Default is set to system default profile.",
"title": "IPSec tunnel profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_TUNNEL_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnTunnelProfile"
]
},
{
"leftType": [
"RouteBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_TUNNEL_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnTunnelProfile"
]
}
]
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy based VPN session",
"type": "object"
}
PolicyBasedL3VpnSession (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "A Policy-based L3Vpn session is a configuration in which a specific vpn tunnel is referenced in a policy whose action is set as tunnel.",
"extends": {
"$ref": "L3VpnSession
},
"id": "PolicyBasedL3VpnSession",
"module_id": "PolicyL3Vpn",
"polymorphic-type-descriptor": {
"type-identifier": "PolicyBasedL3VpnSession"
},
"properties": {
"resource_type": {
"$ref": "L3VpnSessionResourceType,
"required": true
},
"rules": {
"description": "L3Vpn rules that are specific to the L3Vpn. Only L3Vpn rules with PROTECT action are supported.",
"items": {
"$ref": "L3VpnRule
},
"title": "L3Vpn Rules",
"type": "array",
"uniqueItems": true
}
},
"title": "Policy based L3Vpn Session",
"type": "object"
}
PolicyBgpNeighborStatus (type)
{
"id": "PolicyBgpNeighborStatus",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"address_families": {
"description": "Address families of BGP neighbor",
"items": {
"$ref": "BgpAddressFamily
},
"readonly": true,
"required": false,
"title": "Address families of BGP neighbor",
"type": "array"
},
"announced_capabilities": {
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "BGP capabilities sent to BGP neighbor.",
"type": "array"
},
"connection_drop_count": {
"readonly": true,
"required": false,
"title": "Count of connection drop",
"type": "integer"
},
"connection_state": {
"enum": [
"INVALID",
"IDLE",
"CONNECT",
"ACTIVE",
"OPEN_SENT",
"OPEN_CONFIRM",
"ESTABLISHED",
"UNKNOWN"
],
"readonly": true,
"required": false,
"title": "Current state of the BGP session.",
"type": "string"
},
"edge_path": {
"required": false,
"title": "Transport node policy path",
"type": "string"
},
"established_connection_count": {
"readonly": true,
"required": false,
"title": "Count of connections established",
"type": "integer"
},
"graceful_restart_mode": {
"description": "Current state of graceful restart of BGP neighbor. Possible values are - 1. GR_AND_HELPER - Graceful restart with Helper 2. HELPER_ONLY - Helper only 3. DISABLE - Disabled",
"readonly": true,
"required": false,
"title": "Graceful restart mode",
"type": "string"
},
"hold_time": {
"description": "If a HELLO packet is not seen from BGP Peer withing hold_time then BGP neighbor will be marked as down.",
"readonly": true,
"required": false,
"title": "Time in ms to wait for HELLO from BGP peer.",
"type": "integer"
},
"keep_alive_interval": {
"readonly": true,
"required": false,
"title": "Time in ms to wait for HELLO packet from BGP peer",
"type": "integer"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated, unset if data source has never updated the data.",
"readonly": true,
"title": "Timestamp indicating last update time of data"
},
"local_port": {
"maximum": 65535,
"minimum": 1,
"readonly": true,
"required": false,
"title": "TCP port number of Local BGP connection",
"type": "integer"
},
"messages_received": {
"readonly": true,
"required": false,
"title": "Count of messages received from the neighbor",
"type": "integer"
},
"messages_sent": {
"readonly": true,
"required": false,
"title": "Count of messages sent to the neighbor",
"type": "integer"
},
"negotiated_capability": {
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "BGP capabilities negotiated with BGP neighbor.",
"type": "array"
},
"neighbor_address": {
"$ref": "IPAddress,
"readonly": true,
"required": false,
"title": "The IP of the BGP neighbor"
},
"neighbor_router_id": {
"readonly": true,
"required": false,
"title": "Router ID of the BGP neighbor.",
"type": "string"
},
"remote_as_number": {
"readonly": true,
"required": false,
"title": "AS number of the BGP neighbor",
"type": "string"
},
"remote_port": {
"maximum": 65535,
"minimum": 1,
"readonly": true,
"required": false,
"title": "TCP port number of remote BGP Connection",
"type": "integer"
},
"remote_site": {
"$ref": "ResourceReference,
"description": "Remote site details.",
"readonly": true,
"title": "Remote site"
},
"source_address": {
"$ref": "IPAddress,
"readonly": true,
"required": false,
"title": "The Ip address of logical port"
},
"tier0_path": {
"readonly": true,
"required": true,
"title": "Policy path to Tier0",
"type": "string"
},
"time_since_established": {
"readonly": true,
"required": false,
"title": "Time(in seconds) since connection was established.",
"type": "integer"
},
"total_in_prefix_count": {
"description": "Sum of in prefixes counts across all address families.",
"readonly": true,
"required": false,
"title": "Count of in prefixes",
"type": "integer"
},
"total_out_prefix_count": {
"description": "Sum of out prefixes counts across all address families.",
"readonly": true,
"required": false,
"title": "Count of out prefixes",
"type": "integer"
},
"type": {
"description": "BGP neighbor type",
"enum": [
"INTER_SR",
"USER"
],
"readonly": true,
"title": "BGP neighbor type",
"type": "string"
}
},
"type": "object"
}
PolicyBgpNeighborsStatusListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "PolicyBgpNeighborsStatusListResult",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"additionalProperties": false,
"items": {
"$ref": "PolicyBgpNeighborStatus
},
"readonly": true,
"required": false,
"title": "Status of BGP neighbors of the Tier0",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
PolicyComplianceStatus (type)
{
"id": "PolicyComplianceStatus",
"module_id": "PolicyCompliance",
"properties": {
"last_updated_time": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Timestamp of last update"
},
"non_compliant_configs": {
"items": {
"$ref": "PolicyNonCompliantConfig
},
"readonly": true,
"title": "List of non compliant configuration and impacted services",
"type": "array"
}
},
"type": "object"
}
PolicyConfigResource (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Represents an object on the desired state.",
"extends": {
"$ref": "PolicyResource
},
"id": "PolicyConfigResource",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Represents an object on the desired state",
"type": "object"
}
PolicyContainerGroupMemberDetails (type)
{
"additionalProperties": false,
"description": "Details of the member belonging to a Group",
"id": "PolicyContainerGroupMemberDetails",
"module_id": "PolicyGroupRealization",
"properties": {
"cluster": {
"items": {
"$ref": "ClusterMemberDetails
},
"required": true,
"type": "array"
}
},
"title": "Group member details",
"type": "object"
}
PolicyContainerGroupMembersListResult (type)
{
"additionalProperties": false,
"description": "Paginated collection of pods belonging to a Group.",
"extends": {
"$ref": "ListResult
},
"id": "PolicyContainerGroupMembersListResult",
"module_id": "PolicyGroupRealization",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyContainerGroupMemberDetails
},
"required": true,
"title": "Paged Collection of pods that belong to the given Group",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Group members list result",
"type": "object"
}
PolicyContextProfile (type)
{
"additionalProperties": false,
"description": "An entity that encapsulates attributes and sub-attributes of various network services (eg. L7 services, domain name, encryption algorithm) The entity will be consumed in firewall rules and can be added in new tuple called profile in firewall rules. To get a list of supported attributes and sub-attributes fire the following REST API GET https://<policy-mgr>/policy/api/v1/infra/context-profiles/attributes",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyContextProfile",
"module_id": "PolicyContextProfile",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"attributes": {
"description": "Property containing attributes/sub-attributes for Policy Context Profile.",
"items": {
"$ref": "PolicyAttributes
},
"required": true,
"title": "Array of Policy Context Profile attributes",
"type": "array"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy Context Profile entity",
"type": "object"
}
PolicyContextProfileDeleteRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "OverrideDeleteRequestParameters
},
"id": "PolicyContextProfileDeleteRequestParameters",
"module_id": "PolicyContextProfile",
"properties": {
"force": {
"default": false,
"description": "If true, deleting the resource succeeds even if it is being referred as a resource reference.",
"title": "Force delete the resource even if it is being used somewhere\n",
"type": "boolean"
},
"override": {
"default": false,
"description": "If true, the overridden object can be deleted locally. This will restore the global resource as the intended configuration for this site.",
"required": false,
"title": "Delete the locally overriden global object",
"type": "boolean"
}
},
"title": "Policy Context Profile delete request parameters",
"type": "object"
}
PolicyContextProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyContextProfileListRequestParameters",
"module_id": "PolicyContextProfile",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy Context Profile list request parameters",
"type": "object"
}
PolicyContextProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyContextProfileListResult",
"module_id": "PolicyContextProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyContextProfile
},
"readonly": true,
"title": "Paged collection of PolicyContextProfiles",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List result of PolicyContextProfiles",
"type": "object"
}
PolicyCustomAttributes (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyCustomAttributes",
"module_id": "PolicyContextProfile",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"attribute_source": {
"default": "CUSTOM",
"enum": [
"CUSTOM",
"SYSTEM"
],
"required": false,
"title": "Source of attribute value i.e whether system defined or custom value",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"datatype": {
"enum": [
"STRING"
],
"required": true,
"title": "Datatype for attribute",
"type": "string"
},
"description": {
"required": false,
"title": "Description for attribute value",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"key": {
"description": "Policy Custom Attribute Key",
"enum": [
"DOMAIN_NAME",
"CUSTOM_URL"
],
"required": true,
"title": "Key for attribute",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"metadata": {
"description": "This is optional part that can hold additional data about the attribute key/values. Example - For Custom URL key , it specified url type for url value. This is generic array and can hold multiple meta information about key/values in future",
"items": {
"$ref": "ContextProfileAttributesMetadata
},
"required": false,
"title": "Provide additional meta information about key/values",
"type": "array"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sub_attributes": {
"items": {
"$ref": "PolicySubAttributes
},
"required": false,
"title": "Reference to sub attributes for the attribute",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"value": {
"description": "Multiple attribute values can be specified as elements of array.",
"items": {
"type": "string"
},
"minItems": 1,
"required": true,
"title": "Value for attribute key",
"type": "array",
"uniqueItems": true
}
},
"title": "Policy Custom Attributes data holder",
"type": "object"
}
PolicyDHGroup (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Diffie-Hellman groups represent algorithm used to derive shared keys between IPSec VPN initiator and responder over an unsecured network. GROUP2 uses 1024-bit Modular Exponentiation (MODP) group. GROUP5 uses 1536-bit MODP group. GROUP14 uses 2048-bit MODP group. GROUP15 uses 3072-bit MODP group. GROUP16 uses 4096-bit MODP group.",
"enum": [
"GROUP2",
"GROUP5",
"GROUP14",
"GROUP15",
"GROUP16"
],
"id": "PolicyDHGroup",
"module_id": "PolicyL3Vpn",
"title": "Diffie-Hellman groups",
"type": "string"
}
PolicyDnsAnswerPerEnforcementPoint (type)
{
"abstract": true,
"description": "DNS forwarder nslookup answer per enforcement point.",
"id": "PolicyDnsAnswerPerEnforcementPoint",
"module_id": "PolicyDnsForwarder",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"enforcement_point_path": {
"description": "Policy path referencing the enforcement point from where the DNS forwarder nslookup answer is fetched.",
"readonly": true,
"title": "Enforcement point path",
"type": "string"
},
"resource_type": {
"description": "Resource type of the DNS forwarder nslookup answer.",
"enum": [
"NsxTDnsAnswer"
],
"required": true,
"title": "Resource type",
"type": "string"
}
},
"title": "NSLookup answer per enforcement point",
"type": "object"
}
PolicyDnsForwarder (type)
{
"additionalProperties": false,
"description": "Used to configure DNS Forwarder",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyDnsForwarder",
"module_id": "PolicyDnsForwarder",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"cache_size": {
"default": 1024,
"description": "Cache size in KB.",
"maximum": 16777216,
"minimum": 0,
"title": "Cache size in KB",
"type": "int"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"conditional_forwarder_zone_paths": {
"description": "Max of 5 DNS servers can be configured",
"items": {
"type": "string"
},
"maxItems": 5,
"required": false,
"title": "Path of conditional DNS zones",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyDnsForwarder"
],
"relationshipType": "CONDITIONAL_DNS_FORWARDER_ZONE_RELATIONSHIP",
"rightType": [
"PolicyDnsForwarderZone"
]
}
]
},
"default_forwarder_zone_path": {
"description": "This is the zone to which DNS requests are forwarded by default",
"required": true,
"title": "Path of the default DNS zone.",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyDnsForwarder"
],
"relationshipType": "DEFAULT_DNS_FORWARDER_ZONE_RELATIONSHIP",
"rightType": [
"PolicyDnsForwarderZone"
]
}
]
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "The flag, which suggests whether the DNS forwarder is enabled or disabled. The default is True.",
"title": "DNS forwarder enabled flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"listener_ip": {
"$ref": "IPv4Address,
"description": "This is the IP on which the DNS Forwarder listens.",
"required": true,
"title": "IP on which the DNS Forwarder listens."
},
"log_level": {
"default": "INFO",
"description": "Set log_level to DISABLED will stop dumping fowarder log.",
"enum": [
"DEBUG",
"INFO",
"WARNING",
"ERROR",
"FATAL"
],
"required": false,
"title": "Log level of the dns forwarder",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "DNS Forwarder",
"type": "object"
}
PolicyDnsForwarderZone (type)
{
"additionalProperties": false,
"description": "Used to configure zones on DNS Forwarder",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyDnsForwarderZone",
"module_id": "PolicyDnsForwarder",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dns_domain_names": {
"description": "List of domain names on which conditional forwarding is based. This field is required if the DNS Zone is being used for a conditional forwarder. This field will also be used for conditional reverse lookup. Example 1, if for one of the zones, one of the entries in the fqdn is example.com, all the DNS requests under the domain example.com will be served by the corresponding upstream DNS server. Example 2, if for one of the zones, one of the entries in the fqdn list is \"13.12.30.in-addr.arpa\", reverse lookup for 30.12.13.0/24 will go to the corresponding DNS server.",
"items": {
"type": "string"
},
"required": false,
"title": "List of domain names",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"source_ip": {
"$ref": "IPv4Address,
"description": "The source IP used by the DNS Forwarder zone.",
"required": false,
"title": "Source IP used by DNS Forwarder zone"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"upstream_servers": {
"description": "Max of 3 DNS servers can be configured",
"items": {
"$ref": "IPv4Address
},
"maxItems": 3,
"required": true,
"title": "DNS servers to which the DNS request needs to be forwarded",
"type": "array"
}
},
"title": "DNS Forwarder Zone",
"type": "object"
}
PolicyDnsForwarderZoneListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyDnsForwarderZoneListRequestParameters",
"module_id": "PolicyDnsForwarder",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "DNS Forwarder Zone list request parameters",
"type": "object"
}
PolicyDnsForwarderZoneListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyDnsForwarderZoneListResult",
"module_id": "PolicyDnsForwarder",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyDnsForwarderZone
},
"required": true,
"title": "Dns Forwarder Zone list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of DNS Forwarder Zones",
"type": "object"
}
PolicyDraft (type)
{
"additionalProperties": false,
"description": "A draft which stores the system generated as well as user intended changes in a hierarchical body format.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyDraft",
"module_id": "PolicyDraft",
"policy_hierarchical_children": [
"ChildInfra"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_auto_draft": {
"default": false,
"description": "Flag to indicate whether draft is auto created. True indicates that the draft is an auto draft. False indicates that the draft is a manual draft.",
"readonly": true,
"title": "Auto draft flag",
"type": "boolean"
},
"lock_comments": {
"description": "Comments for a policy draft lock/unlock.",
"readonly": false,
"required": false,
"title": "Policy draft lock/unlock comments",
"type": "string"
},
"lock_modified_by": {
"description": "ID of the user who last modified the lock for a policy draft.",
"readonly": true,
"required": false,
"title": "User who locked a policy draft",
"type": "string"
},
"lock_modified_time": {
"$ref": "EpochMsTimestamp,
"description": "Policy draft locked/unlocked time in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "Policy draft locked/unlocked time"
},
"locked": {
"default": false,
"description": "Indicates whether a draft should be locked. If the draft is locked by an user, then no other user would be able to modify or publish this draft. Once the user releases the lock, other users can then modify or publish this draft.",
"required": false,
"title": "Lock a policy draft",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"ref_draft_path": {
"description": "When specified, a manual draft will be created w.r.t. the specified draft. If not specified, manual draft will be created w.r.t. the current published configuration. For an auto draft, this will always be null.",
"title": "Path of an existing draft for reference",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"system_area": {
"$ref": "Infra,
"description": "Configuration changes against the current configuration, tracked by the system. The value is stored in a hierarchical body format.",
"readonly": true,
"title": "Configuration changes tracked by the system"
},
"system_area_store_id": {
"description": "In case of a large draft, wherein the size of system_area is so big that it can not be stored into one draft object, the data is then gets stored into multiple chunks in a draft data store. This value represents the ID of that data store.",
"readonly": true,
"title": "ID of the data store where system_area has stored",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"user_area": {
"$ref": "Infra,
"description": "These are user defined configuration changes, which are applicable only in case of manual drafts. During the publish of a draft, system_area changes gets applied first, and then these changes. The value must be in a hierarchical body format.",
"title": "User defined configuration changes"
},
"user_area_store_id": {
"description": "In case of a large draft, wherein the size of user_area is so big that it can not be stored into one draft object, the data is then gets stored into multiple chunks in a draft data store. This value represents the ID of that data store.",
"readonly": true,
"title": "ID of the data store where user_area has stored",
"type": "string"
}
},
"title": "Policy draft",
"type": "object"
}
PolicyDraftListRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameters to be passed while listing policy drafts.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyDraftListRequestParameters",
"module_id": "PolicyDraft",
"properties": {
"auto_drafts": {
"description": "If set to true, then only auto drafts will be get fetched. If set to false, then only manual drafts will be get fetched. If not set, then all drafts will be get fetched.",
"title": "Fetch list of draft based on is_auto_draft flag",
"type": "boolean"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy draft list request parameters",
"type": "object"
}
PolicyDraftListResult (type)
{
"additionalProperties": false,
"description": "This holds the list of policy drafts.",
"extends": {
"$ref": "ListResult
},
"id": "PolicyDraftListResult",
"module_id": "PolicyDraft",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Paginated list of policy drafts.",
"items": {
"$ref": "PolicyDraft
},
"readonly": true,
"title": "Policy drafts list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of policy drafts",
"type": "object"
}
PolicyDraftPaginatedAggregatedConfigurationRequestParameters (type)
{
"additionalProperties": false,
"description": "Parameters to get the paginated aggregated configuration for a draft.",
"extends": {
"$ref": "NoRestRequestParameters
},
"id": "PolicyDraftPaginatedAggregatedConfigurationRequestParameters",
"module_id": "PolicyDraft",
"properties": {
"request_id": {
"description": "If the initial call to get paginated aggregated configuration for a draft, returns a paginated response, then the response will contain a request_id. This identifier needs to be passed with subsequent API calls to get detailed aggregated configuration for the draft.",
"required": false,
"title": "Request identifier to track subsequent API calls",
"type": "string"
},
"root_path": {
"description": "Policy path of the security policy. If specified with the subsequent API calls after initial call to get paginated aggregated configuration for a draft, the response will return the subtree of this security policy having all its children. If not specified, then the subsequent API calls will return all the security policies without their children, from pre-calculated aggregated configuration of a draft. This is not required for an initial call to get paginated aggregated configuration for a draft.",
"required": false,
"title": "Path of the root object of subtree",
"type": "string"
}
},
"title": "Parameters to get the paginated aggregated configuration for a draft",
"type": "object"
}
PolicyDraftPaginatedAggregatedConfigurationResult (type)
{
"additionalProperties": false,
"description": "Paginated result of aggregated configuration of a policy draft",
"id": "PolicyDraftPaginatedAggregatedConfigurationResult",
"module_id": "PolicyDraft",
"properties": {
"request_id": {
"description": "Request identifier to keep track of calculated aggregated configuration a draft during subsequent API calls after initial API call. This identifier can be use to fetch the detailed aggregated configuration at security policy level. Absence of request_id suggests that whole aggregated configuration has been returned as a response to initial API call, as the size of aggregated configuration is not big enough to need pagination.",
"readonly": true,
"title": "Request identifier to keep track of result",
"type": "string"
},
"result": {
"$ref": "Infra,
"description": "Paginated aggregated configuration of a given draft. For an initial API call, if request_id is present in response, then this is a paginated aggregated configuration of a given draft. To get more granular aggregated configuration, request_id need to be passed to subsequent API calls. Absence of request_id suggests that whole aggregated configuration has been returned as a response to initial API call, as the size of aggregated configuration is not big enough to need pagination.",
"readonly": true,
"title": "Aggregated configuration of a draft"
}
},
"title": "Paginated result of aggregated configuration of a policy draft",
"type": "object"
}
PolicyEdgeCluster (type)
{
"additionalProperties": false,
"description": "Edge Cluster.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyEdgeCluster",
"module_id": "PolicyEnforcementPointManagement",
"policy_hierarchical_children": [
"ChildPolicyEdgeNode"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"inter_site_forwarding_enabled": {
"description": "Flag to indicate status of inter site l2 and l3 forwarding in federation.",
"readonly": true,
"title": "Inter site forwarding is enabled if true",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"member_node_type": {
"$ref": "EdgeClusterNodeType,
"description": "Edge cluster is homogenous collection of transport nodes. Hence all transport nodes of the cluster must be of same type. This readonly field shows the type of transport nodes.",
"readonly": true,
"required": false,
"title": "Node type of the cluster members"
},
"nsx_id": {
"description": "UUID of Edge Cluster on NSX-T enforcement point.",
"readonly": true,
"title": "Edge Cluster UUID on NSX-T Enforcement Point",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rtep_ips": {
"description": "List of remote tunnel endpoint ipaddress configured on edge cluster.",
"items": {
"$ref": "IPAddress
},
"readonly": true,
"title": "Remote tunnel endpoint IP addresses.",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"search_dsl_exclude": true,
"title": "Edge Cluster",
"type": "object"
}
PolicyEdgeClusterInterSiteBgpSummary (type)
{
"extends": {
"$ref": "ListResult
},
"id": "PolicyEdgeClusterInterSiteBgpSummary",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"edge_cluster_path": {
"description": "Edge cluster path whose status is being reported.",
"readonly": true,
"required": true,
"title": "Edge node path",
"type": "string"
},
"edge_nodes": {
"description": "Status of all edge nodes within cluster.",
"items": {
"$ref": "PolicyEdgeNodeInterSiteBgpSummary
},
"readonly": true,
"title": "Individual edge nodes status",
"type": "array"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
PolicyEdgeClusterInterSiteStatus (type)
{
"additionalProperties": false,
"id": "PolicyEdgeClusterInterSiteStatus",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"edge_cluster_name": {
"description": "Name of the edge cluster whose status is being reported.",
"readonly": true,
"title": "Edge cluster name",
"type": "string"
},
"edge_cluster_path": {
"description": "Policy path of the edge cluster whose status is being reported.",
"readonly": true,
"required": true,
"title": "Edge cluster path",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the edge cluster inter-site status was last updated.",
"readonly": true,
"required": true,
"title": "Last updated timestamp"
},
"member_status": {
"description": "Per edge node inter-site status.",
"items": {
"$ref": "PolicyEdgeClusterMemberInterSiteStatus
},
"readonly": true,
"title": "Per edge node inter-site status",
"type": "array"
},
"overall_status": {
"description": "Overall status of all edge nodes IBGP status in the edge cluster.",
"enum": [
"UP",
"DOWN",
"DEGRADED",
"UNKNOWN"
],
"readonly": true,
"title": "Overall IBGP status in the edge cluster",
"type": "string"
}
},
"type": "object"
}
PolicyEdgeClusterListRequestParameters (type)
{
"additionalProperties": false,
"description": "Policy Edge Cluster list request parameters.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyEdgeClusterListRequestParameters",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy Edge Cluster List Request Parameters",
"type": "object"
}
PolicyEdgeClusterListResult (type)
{
"additionalProperties": false,
"description": "Paged Collection of Edge Cluster",
"extends": {
"$ref": "ListResult
},
"id": "PolicyEdgeClusterListResult",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Edge Cluster list result.",
"items": {
"$ref": "PolicyEdgeCluster
},
"required": true,
"title": "Edge Cluster List Result",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Edge Cluster",
"type": "object"
}
PolicyEdgeClusterMemberInterSiteStatus (type)
{
"additionalProperties": false,
"id": "PolicyEdgeClusterMemberInterSiteStatus",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"edge_node_path": {
"$ref": "ResourceReference,
"description": "Edge node details from where the status is being retrived.",
"readonly": true,
"required": true,
"title": "Edge node path"
},
"established_bgp_sessions": {
"description": "Total number of current established inter-site IBGP sessions.",
"readonly": true,
"title": "Established inter-site IBGP sessions",
"type": "integer"
},
"neighbor_status": {
"description": "Inter-site BGP neighbor status.",
"items": {
"$ref": "PolicyBgpNeighborStatus
},
"readonly": true,
"title": "BGP neighbor status",
"type": "array"
},
"status": {
"description": "Edge node IBGP status",
"enum": [
"UP",
"DOWN",
"DEGRADED",
"UNKNOWN"
],
"readonly": true,
"title": "Edge node IBGP status",
"type": "string"
},
"total_bgp_sessions": {
"description": "Total number of inter-site IBGP sessions.",
"readonly": true,
"title": "Total inter-site IBGP sessions",
"type": "integer"
}
},
"type": "object"
}
PolicyEdgeNode (type)
{
"additionalProperties": false,
"description": "This object serves as a representation of the edge cluster index to which the edge node connects. It should not be mistaken for the edge / transport node itself. Consuming services can refer to the nsx_id property to fetch the UUID of the edge / transport node that is attached to this index.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyEdgeNode",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"member_index": {
"description": "The numerical value of the member index in the edge cluster that this object represents and to which the edge node connects.",
"readonly": true,
"title": "Member Index",
"type": "integer"
},
"nsx_id": {
"description": "UUID of edge node on NSX-T enforcement point.",
"readonly": true,
"title": "Edge Node UUID on NSX-T Enforcement Point",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"search_dsl_exclude": true,
"title": "Policy Edge Node",
"type": "object"
}
PolicyEdgeNodeInterSiteBgpSummary (type)
{
"id": "PolicyEdgeNodeInterSiteBgpSummary",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"edge_node_path": {
"description": "Edge node path whose status is being reported.",
"readonly": true,
"required": true,
"title": "Edge node path",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the inter-site IBGP neighbors status was last updated.",
"readonly": true,
"required": true,
"title": "Last updated timestamp"
},
"neighbor_status": {
"description": "Status of all inter-site IBGP neighbors.",
"items": {
"$ref": "PolicyBgpNeighborStatus
},
"readonly": true,
"title": "Inter-site IBGP neighbors status",
"type": "array"
}
},
"type": "object"
}
PolicyEdgeNodeListRequestParameters (type)
{
"additionalProperties": false,
"description": "Edge Node list request parameters.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyEdgeNodeListRequestParameters",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Edge Node List Request Parameters",
"type": "object"
}
PolicyEdgeNodeListResult (type)
{
"additionalProperties": false,
"description": "Paged Collection of Edge Node",
"extends": {
"$ref": "ListResult
},
"id": "PolicyEdgeNodeListResult",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Edge Node list result.",
"items": {
"$ref": "PolicyEdgeNode
},
"required": true,
"title": "Edge Node List Result",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Edge Node",
"type": "object"
}
PolicyExcludeList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyExcludeList",
"module_id": "PolicyFirewallConfiguration",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"members": {
"description": "List of the members in the exclude list",
"items": {
"type": "string"
},
"maxItems": 100,
"required": true,
"title": "ExcludeList member list",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyExcludeList"
],
"relationshipType": "FIREWALL_EXCLUDE_LIST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
}
]
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"type": "object"
}
PolicyFineTuningResourceInfo (type)
{
"additionalProperties": false,
"description": "It represent the resource with details of name and fields it owns.",
"id": "PolicyFineTuningResourceInfo",
"module_id": "PolicyFineTuning",
"properties": {
"fields": {
"items": {
"$ref": "PolicyFineTuningResourceInfoDetail
},
"required": true,
"title": "List of all field of any resource",
"type": "array"
},
"resource_name": {
"description": "It will represent resource with name and fields.",
"required": true,
"title": "Resource name",
"type": "string"
}
},
"title": "Contains the detail of resources with name and fields",
"type": "object"
}
PolicyFineTuningResourceInfoDetail (type)
{
"additionalProperties": false,
"description": "Contains the details of resource field",
"id": "PolicyFineTuningResourceInfoDetail",
"module_id": "PolicyFineTuning",
"properties": {
"field_name": {
"description": "It will represent resource with name and fields.",
"required": true,
"title": "Resource name",
"type": "string"
},
"sub_type": {
"$ref": "PolicyFineTuningResourceInfo,
"required": true,
"title": "List of all field of any resource"
}
},
"title": "Contains the details resources with field type and name",
"type": "object"
}
PolicyFirewallCPUMemThresholdsProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between CPU Memory Thresholds Profile and Transport Node. Using this entity, user can specify intent for applying Firewall CPU Memory Thresholds Profile to particular Transport Node.",
"extends": {
"$ref": "ProfileBindingMap
},
"id": "PolicyFirewallCPUMemThresholdsProfileBindingMap",
"module_id": "PolicyFirewallCPUMemThresholdsProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profile_path": {
"description": "PolicyPath of associated Profile",
"required": true,
"title": "Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GroupDiscoveryProfileBindingMap"
],
"relationshipType": "GROUP_BINDINGMAP_IPDISCOVERY_PROFILE_RELATIONSHIP",
"rightType": [
"IPDiscoveryProfile"
]
},
{
"leftType": [
"PolicyFirewallFloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"FloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"PolicyFirewallCPUMemThresholdsProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FirewallCPUMemoryThresholdsProfile"
]
},
{
"leftType": [
"SessionTimerProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyFirewallSessionTimerProfile"
]
},
{
"leftType": [
"DnsSecurityProfileBindingMap"
],
"relationshipType": "DNS_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"DnsSecurityProfile"
]
},
{
"leftType": [
"GeneralSecurityProfileBindingMap"
],
"relationshipType": "GATEWAY_GENERAL_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"GeneralSecurityProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sequence_number": {
"description": "Sequence number is used to resolve conflicts when two profiles get applied to a single node. Lower value gets higher precedence. Two binding maps having the same profile path should have the same sequence number.",
"maximum": 4294967295,
"minimum": 0,
"required": true,
"title": "Sequence number of this profile binding map",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_nodes": {
"description": "References of transport nodes on which the profile intended to be applied.",
"items": {
"$ref": "PolicyResourceReference
},
"title": "References of transport nodes",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy DFW CPU Memory Thresholds Profile binding map",
"type": "object"
}
PolicyFirewallCPUMemThresholdsProfileBindingMapListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyFirewallCPUMemThresholdsProfileBindingMapListRequestParameters",
"module_id": "PolicyFirewallCPUMemThresholdsProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy Firewall CPU Memory Thresholds Profile Binding Map list request parameters",
"type": "object"
}
PolicyFirewallCPUMemThresholdsProfileBindingMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyFirewallCPUMemThresholdsProfileBindingMapListResult",
"module_id": "PolicyFirewallCPUMemThresholdsProfileBinding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyFirewallCPUMemThresholdsProfileBindingMap
},
"required": true,
"title": "Firewall CPU Memory Thresholds Profile Binding Map list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Firewall CPU Memory Thresholds Profile Binding Maps",
"type": "object"
}
PolicyFirewallCpuMemThresholdsProfile (type)
{
"additionalProperties": false,
"description": "A profile holding CPU and memory thresholds configuration.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyFirewallCpuMemThresholdsProfile",
"module_id": "PolicyProfile",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"cpu_threshold_percentage": {
"default": 90,
"description": "CPU utilization thresholds percentage to monitor and report for distributed firewall.",
"maximum": 100,
"minimum": 10,
"required": true,
"title": "CPU utilization thresholds percentage",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"mem_threshold_percentage": {
"default": 90,
"description": "Heap memory thresholds percentage to monitor and report for distributed firewall.",
"maximum": 100,
"minimum": 10,
"required": true,
"title": "Heap memory thresholds utilization percentage",
"type": "integer"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Firewall CPU and memory thresholds profile",
"type": "object"
}
PolicyFirewallCpuMemThresholdsProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyFirewallCpuMemThresholdsProfileListResult",
"module_id": "PolicyProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyFirewallCpuMemThresholdsProfile
},
"required": true,
"title": "PolicyFirewallCpuMemThresholdsProfile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of PolicyFirewallCpuMemThresholdsProfile",
"type": "object"
}
PolicyFirewallFloodProtectionProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between Firewall Flood Protection profile and Group. Using this entity, user can specify intent for applying Firewall Flood Protection profile to particular Group.",
"extends": {
"$ref": "ProfileBindingMap
},
"id": "PolicyFirewallFloodProtectionProfileBindingMap",
"module_id": "PolicyFirewallFloodProtectionProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profile_path": {
"description": "PolicyPath of associated Profile",
"required": true,
"title": "Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GroupDiscoveryProfileBindingMap"
],
"relationshipType": "GROUP_BINDINGMAP_IPDISCOVERY_PROFILE_RELATIONSHIP",
"rightType": [
"IPDiscoveryProfile"
]
},
{
"leftType": [
"PolicyFirewallFloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"FloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"PolicyFirewallCPUMemThresholdsProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FirewallCPUMemoryThresholdsProfile"
]
},
{
"leftType": [
"SessionTimerProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyFirewallSessionTimerProfile"
]
},
{
"leftType": [
"DnsSecurityProfileBindingMap"
],
"relationshipType": "DNS_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"DnsSecurityProfile"
]
},
{
"leftType": [
"GeneralSecurityProfileBindingMap"
],
"relationshipType": "GATEWAY_GENERAL_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"GeneralSecurityProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sequence_number": {
"description": "Sequence number is used to resolve conflicts when two profiles get applied to a single port. Lower value gets higher precedence. Two binding maps having the same profile path should have the same sequence number.",
"required": true,
"title": "Sequence number of this profile binding map.",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy DFW Flood Protection Profile binding map",
"type": "object"
}
PolicyFirewallFloodProtectionProfileBindingMapListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyFirewallFloodProtectionProfileBindingMapListRequestParameters",
"module_id": "PolicyFirewallFloodProtectionProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy Firewall Flood Protection Profile Binding Map list request parameters",
"type": "object"
}
PolicyFirewallFloodProtectionProfileBindingMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyFirewallFloodProtectionProfileBindingMapListResult",
"module_id": "PolicyFirewallFloodProtectionProfileBinding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyFirewallFloodProtectionProfileBindingMap
},
"required": true,
"title": "Firewall Flood Protection Profile Binding Map list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Firewall Flood Protection Profile Binding Maps",
"type": "object"
}
PolicyFirewallScheduler (type)
{
"additionalProperties": false,
"description": "An entity that encapsulates attributes to schedule firewall rules to be active to allow or block traffic for a specific period of time. Note that at least one property out of \"days\", \"start_time\", \"end_time\", \"start_date\", \"end_date\" is required.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyFirewallScheduler",
"module_id": "PolicyFirewallScheduler",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"days": {
"description": "Days of week on which rules will be enforced. If property is omitted, then days of the week will not considered while calculating the firewall schedule. It should not be present when the recurring flag is false.",
"items": {
"$ref": "PolicyFirewallSchedulerDays
},
"required": false,
"title": "Days of the week",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"end_date": {
"description": "End date on which schedule to end. Example, 12/22/2019.",
"required": true,
"title": "End date in MM/DD/YYYY",
"type": "string"
},
"end_time": {
"description": "If recurring field is set false, then this field must be present. The schedule will be enforced till the end time of the specified end date. If recurring field is set true, then this field should not be present.",
"required": false,
"title": "End time",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"recurring": {
"default": true,
"description": "Flag to indicate whether firewall schedule recurs or not. The default value is true and it should be set to false when the firewall schedule does not recur and is a one time time interval.",
"required": true,
"title": "Firewall schedule recurring flag",
"type": "boolean"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"start_date": {
"description": "Start date on which schedule to start. Example, 02/22/2019.",
"required": true,
"title": "Start date in MM/DD/YYYY",
"type": "string"
},
"start_time": {
"description": "Time in 24 hour and minutes in multiple of 30. Example, 9:00. If recurring field is set false, then this field must be present. The schedule will start getting enforced from the start time of the specified start date. If recurring field is set true, then this field should not be present.",
"required": false,
"title": "Start time",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"time_interval": {
"description": "The recurring time interval in a day during which the schedule will be applicable. It should not be present when the recurring flag is false.",
"items": {
"$ref": "PolicyTimeIntervalValue
},
"maxItems": 1,
"required": false,
"title": "Recurring time interval",
"type": "array"
},
"timezone": {
"description": "Host Timezone to be used to enforce firewall rules.",
"enum": [
"UTC",
"LOCAL"
],
"required": true,
"title": "Host timezone",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy Firewall Scheduler entity",
"type": "object"
}
PolicyFirewallSchedulerDays (type)
{
"additionalProperties": false,
"enum": [
"SUNDAY",
"MONDAY",
"TUESDAY",
"WEDNESDAY",
"THURSDAY",
"FRIDAY",
"SATURDAY"
],
"id": "PolicyFirewallSchedulerDays",
"module_id": "PolicyFirewallScheduler",
"title": "Day on which scheduled firewall rule will be enforced",
"type": "string"
}
PolicyFirewallSessionTimerProfile (type)
{
"description": "A profile holding TCP, UDP and ICMP session timeout configuration.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyFirewallSessionTimerProfile",
"module_id": "PolicyFirewallSessionTimerProfile",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"icmp_error_reply": {
"default": 10,
"description": "The timeout value for the connection after an ICMP error came back in response to an ICMP packet. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Timeout after ICMP error",
"type": "integer"
},
"icmp_first_packet": {
"default": 20,
"description": "The timeout value of connection in seconds after the first packet. This will be the initial timeout for the new ICMP flow. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "First packet connection timeout",
"type": "integer"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_closed": {
"default": 20,
"description": "The timeout value of connection in seconds after one endpoint sends an RST. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Timeout after RST",
"type": "integer"
},
"tcp_closing": {
"default": 120,
"description": "The timeout value of connection in seconds after the first FIN has been sent. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Timeout after first TN",
"type": "integer"
},
"tcp_established": {
"default": 43200,
"description": "The timeout value of connection in seconds once the connection has become fully established. The default value for Edges (i.e, Gateway,or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 120,
"readonly": false,
"required": true,
"title": "Connection timeout",
"type": "integer"
},
"tcp_finwait": {
"default": 45,
"description": "The timeout value of connection in seconds after both FINs have been exchanged and connection is closed. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Timeout after FINs exchanged",
"type": "integer"
},
"tcp_first_packet": {
"default": 120,
"description": "The timeout value of connection in seconds after the first packet has been sent. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Connection timout after first packet",
"type": "integer"
},
"tcp_opening": {
"default": 30,
"description": "The timeout value of connection in seconds after a second packet has been transferred. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Connection timout after second packet",
"type": "integer"
},
"udp_first_packet": {
"default": 60,
"description": "The timeout value of connection in seconds after the first packet. This will be the initial timeout for the new UDP flow. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Connection timout after first packet",
"type": "integer"
},
"udp_multiple": {
"default": 60,
"description": "The timeout value of connection in seconds if both hosts have sent packets. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Timeout after hosts sent packet",
"type": "integer"
},
"udp_single": {
"default": 30,
"description": "The timeout value of connection in seconds if the source host sends more than one packet but the destination host has never sent one back. The default value for Edges (i.e, Gateway, or Logical Router) may be different than Distributed Firewall hosts.",
"maximum": 4320000,
"minimum": 10,
"readonly": false,
"required": true,
"title": "Connection timeout for destination",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy Firewall Session timeout profile",
"type": "object"
}
PolicyFirewallSessionTimerProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between Firewall Timer session profile and Group. Using this entity, user can specify intent for applying Firewall Timer session profile to particular Group.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyFirewallSessionTimerProfileBindingMap",
"module_id": "PolicyFirewallSessionTimerProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"firewall_session_timer_profile_path": {
"description": "PolicyPath of associated Firewall Timer Session Profile",
"required": true,
"title": "Firewall Session Timer Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyFirewallSessionTimerProfileBindingMap"
],
"relationshipType": "DFW_SESSION_TIMER_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyFirewallSessionTimerProfile"
]
}
]
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sequence_number": {
"description": "Sequence number is used to resolve conflicts when two profiles get applied to a single port. Lower value gets higher precedence. Two binding maps having the same profile path should have the same sequence number.",
"required": false,
"title": "Sequence number of this profile binding map.",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy DFW Timer Session Profile binding map",
"type": "object"
}
PolicyFirewallSessionTimerProfileBindingMapListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyFirewallSessionTimerProfileBindingMapListRequestParameters",
"module_id": "PolicyFirewallSessionTimerProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy Firewall Session Timer Profile Binding Map list request parameters",
"type": "object"
}
PolicyFirewallSessionTimerProfileBindingMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyFirewallSessionTimerProfileBindingMapListResult",
"module_id": "PolicyFirewallSessionTimerProfileBinding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyFirewallSessionTimerProfileBindingMap
},
"required": true,
"title": "Firewall Session Timer Profile Binding Map list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Firewall Session Timer Profile Binding Maps",
"type": "object"
}
PolicyFirewallSessionTimerProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyFirewallSessionTimerProfileListRequestParameters",
"module_id": "PolicyFirewallSessionTimerProfile",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy Firewall Session timeout profile list request parameters",
"type": "object"
}
PolicyFirewallSessionTimerProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyFirewallSessionTimerProfileListResult",
"module_id": "PolicyFirewallSessionTimerProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyFirewallSessionTimerProfile
},
"required": true,
"title": "Policy Firewall Session timeout profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Policy Firewall Session timeout profiles",
"type": "object"
}
PolicyGroupIPMembersListResult (type)
{
"additionalProperties": false,
"description": "Paginated collection of IP members belonging to a Group.",
"extends": {
"$ref": "ListResult
},
"id": "PolicyGroupIPMembersListResult",
"module_id": "PolicyGroupRealization",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "IPElement
},
"required": true,
"title": "Paged Collection of IP addresses that belong to the given Group",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Group IP members list result",
"type": "object"
}
PolicyGroupMemberDetails (type)
{
"additionalProperties": false,
"description": "Details of the member belonging to a Group",
"id": "PolicyGroupMemberDetails",
"module_id": "PolicyGroupRealization",
"properties": {
"display_name": {
"readonly": true,
"required": true,
"title": "The display name of the member on the enforcement point",
"type": "string"
},
"id": {
"readonly": true,
"required": true,
"title": "The ID of the member on the enforcement point",
"type": "string"
},
"path": {
"readonly": true,
"required": true,
"title": "The path of the member, if relevant",
"type": "string"
}
},
"title": "Group member details",
"type": "object"
}
PolicyGroupMembersListResult (type)
{
"additionalProperties": false,
"description": "Paginated collection of members belonging to a Group.",
"extends": {
"$ref": "ListResult
},
"id": "PolicyGroupMembersListResult",
"module_id": "PolicyGroupRealization",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyGroupMemberDetails
},
"required": true,
"title": "Paged Collection of members that belong to the given Group",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Group members list result",
"type": "object"
}
PolicyGroupServiceAssociationsRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyGroupServiceAssociationsRequestParameters",
"module_id": "PolicyGroupRealization",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"intent_path": {
"description": "Path of the entity for which associated services are to be fetched.",
"required": true,
"title": "Path of the entity",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Associations list request parameters",
"type": "object"
}
PolicyIKEDigestAlgorithm (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "The IKEDigestAlgorithms are used to verify message integrity during IKE negotiation. SHA1 produces 160 bits hash and SHA2_XXX produces XXX bit hash.",
"enum": [
"SHA1",
"SHA2_256",
"SHA2_384",
"SHA2_512"
],
"id": "PolicyIKEDigestAlgorithm",
"module_id": "PolicyL3Vpn",
"title": "Digest Algorithms used in IKE negotiations",
"type": "string"
}
PolicyIKEEncryptionAlgorithm (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "IKEEncryption algorithms are used to ensure confidentiality of the messages exchanged during IKE negotiations. AES stands for Advanced Encryption Standards. AES_128 uses 128-bit keys whereas AES_256 uses 256-bit keys for encryption and decryption. AES_128 and AES_256 use CBC mode of encryption. AES_GCM stands for Advanced Encryption Standard(AES) in Galois/Counter Mode(GCM) and is used to provide both confidentiality and data origin authentication. AES_GCM composed of two separate functions one for encryption(AES) and one for authentication(GMAC). AES_GCM algorithms will be available with IKE_V2 version only. AES_GMAC_128 uses 128-bit keys. AES_GMAC_192 uses 192-bit keys. AES_GMAC_256 uses 256-bit keys.",
"enum": [
"AES_128",
"AES_256",
"AES_GCM_128",
"AES_GCM_192",
"AES_GCM_256"
],
"id": "PolicyIKEEncryptionAlgorithm",
"module_id": "PolicyL3Vpn",
"title": "Encryption algorithms used in IKE",
"type": "string"
}
PolicyIKEVersion (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "IKE protocol version to be used. IKE-Flex will initiate IKE-V2 and responds to both IKE-V1 and IKE-V2.",
"enum": [
"IKE_V1",
"IKE_V2",
"IKE_FLEX"
],
"id": "PolicyIKEVersion",
"module_id": "PolicyL3Vpn",
"title": "IKE version",
"type": "string"
}
PolicyIPAddressInfo (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "Used to specify the display name and value of the IPv4Address.",
"id": "PolicyIPAddressInfo",
"module_id": "PolicyL3Vpn",
"properties": {
"address_value": {
"$ref": "IPv4Address,
"description": "Value of the IPv4Address.",
"required": true,
"title": "Value of the IPv4Address"
},
"display_name": {
"description": "Display name used to help identify the IPv4Address.",
"required": false,
"title": "Display name of the IPv4Address",
"type": "string"
},
"next_hop": {
"$ref": "IPv4Address,
"description": "Next hop used in auto-plumbing of static route. If a value is not provided, static route will not be auto-plumbed.",
"required": false,
"title": "Next Hop of the IPv4Address"
}
},
"title": "IP address information",
"type": "object"
}
PolicyIgmpProfile (type)
{
"additionalProperties": false,
"description": "IGMP profile.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyIgmpProfile",
"module_id": "PolicyMulticast",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"last_member_query_interval": {
"default": 1,
"description": "Max Response Time inserted into Group-Specific Queries sent in response to Leave Group messages, and is also the amount of time between Group-Specific Query messages. This value may be tuned to modify the \"leave latency\" of the network. A reduced value results in reduced time to detect the loss of the last member of a group.",
"maximum": 25,
"minimum": 1,
"required": false,
"title": "Max Response Time",
"type": "int"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"query_interval": {
"default": 30,
"description": "Interval(seconds) between general IGMP host-query messages.",
"maximum": 1800,
"minimum": 1,
"required": false,
"title": "Interval between general IGMP host-query messages",
"type": "int"
},
"query_max_response_time": {
"default": 10,
"description": "The query response interval(seconds) is the maximum amount of time that can elapse between when the querier router sends a host-query message and when it receives a response from a host. Configuring this interval allows admins to adjust the burstiness of IGMP messages on the subnet; larger values make the traffic less bursty, as host responses are spread out over a larger interval. The number of seconds represented by the query_max_response_time must be less than the query_interval.",
"maximum": 25,
"minimum": 1,
"required": false,
"title": "The maximum elapsed time between response",
"type": "int"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"robustness_variable": {
"default": 2,
"description": "The Robustness Variable allows tuning for the expected packet loss on a subnet. If a subnet is expected to be lossy, the Robustness Variable may be increased. IGMP is robust to (Robustness Variable-1) packet losses. The Robustness Variable must not be zero, and SHOULD NOT be one.",
"maximum": 255,
"minimum": 1,
"required": false,
"title": "The Robustness Variable",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "IGMP Profile",
"type": "object"
}
PolicyInsertParameters (type)
{
"description": "Parameters to let the admin specify a relative position of a security policy or rule w.r.t to another one.",
"id": "PolicyInsertParameters",
"module_id": "Policy",
"properties": {
"anchor_path": {
"required": false,
"title": "The security policy/rule path if operation is 'insert_after' or\n'insert_before'\n",
"type": "string"
},
"operation": {
"default": "insert_top",
"enum": [
"insert_top",
"insert_bottom",
"insert_after",
"insert_before"
],
"required": false,
"title": "Operation",
"type": "string"
}
},
"title": "Parameters to tell where security policy/rule needs to be placed\n",
"type": "object"
}
PolicyInterfaceOspfConfig (type)
{
"additionalProperties": false,
"description": "OSPF Interface configuration.",
"id": "PolicyInterfaceOspfConfig",
"module_id": "PolicyConnectivity",
"properties": {
"bfd_path": {
"description": "This filed is valid only if enable_bfd is set to TRUE. If enable_bfd flag is set to TRUE, this profile will be applied to all OSPF peers in this interface. If this field is empty, bfd_path will refer to Tier-0 global BFD profile.",
"required": false,
"title": "Policy path of BFD profile",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier0Interface"
],
"relationshipType": "PROVIDER_INTERFACE_OSPF_BFD_RELATIONSHIP",
"rightType": [
"BfdProfile"
]
}
]
},
"dead_interval": {
"default": 40,
"description": "Specifies the number of seconds that router must wait before it declares a OSPF neighbor router down because it has not received OSPF hello packet. OSPF dead interval should be minimum 3 times greater than the hello interval",
"maximum": 65535,
"minimum": 3,
"required": false,
"title": "OSPF dead interval in seconds",
"type": "int"
},
"enable_bfd": {
"description": "Enable/Disable OSPF to register for BFD event. Use FALSE to disable BFD.",
"required": false,
"title": "enable BFD for OSPF",
"type": "boolean"
},
"enabled": {
"default": true,
"description": "enable/disable OSPF on the interface. If enabled flag not specified, defailt is enable OSPF.",
"title": "enable/disable OSPF",
"type": "boolean"
},
"hello_interval": {
"default": 10,
"description": "Specifies the interval between the hello packets that OSPF sends on this interface. OSPF hello interval should be less than the dead interval",
"maximum": 21845,
"minimum": 1,
"required": false,
"title": "OSPF hello interval in seconds",
"type": "int"
},
"network_type": {
"default": "BROADCAST",
"description": "Configure OSPF networkt type, default is BROADCAST network type",
"enum": [
"BROADCAST",
"P2P"
],
"required": false,
"title": "Configure OSPF networkt type",
"type": "string"
},
"ospf_area": {
"description": "Attache Tier0 Interface to specified OSPF Area. all peers.",
"required": true,
"title": "Attach Tier0 Interface to specified OSPF Area",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier0Interface"
],
"relationshipType": "PROVIDER_INTERFACE_OSPF_AREA_RELATIONSHIP",
"rightType": [
"OspfAreaConfig"
]
}
]
}
},
"title": "OSPF Interface configuration",
"type": "object"
}
PolicyInterfaceStatistics (type)
{
"additionalProperties": false,
"description": "Tier0 or Tier1 interface statistics on specific Enforcement Point.",
"extends": {
"$ref": "LogicalRouterPortStatistics
},
"id": "PolicyInterfaceStatistics",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"logical_router_port_id": {
"required": true,
"title": "The ID of the logical router port",
"type": "string"
},
"per_node_statistics": {
"additionalProperties": false,
"items": {
"$ref": "LogicalRouterPortStatisticsPerNode
},
"readonly": true,
"required": false,
"title": "Per Node Statistics",
"type": "array"
}
},
"title": "Tier0 or Tier1 interface statistics on specific Enforcement Point",
"type": "object"
}
PolicyInterfaceStatisticsSummary (type)
{
"additionalProperties": false,
"description": "Tier0 or Tier1 interface statistics on specific Enforcement Point.",
"extends": {
"$ref": "LogicalRouterPortStatisticsSummary
},
"id": "PolicyInterfaceStatisticsSummary",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"interface_policy_path": {
"description": "Policy path for the interface",
"title": "Policy path for the interface",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"readonly": true,
"title": "Timestamp when the data was last updated; unset if data source has never updated the data."
},
"logical_router_port_id": {
"required": true,
"title": "The ID of the logical router port",
"type": "string"
},
"rx": {
"$ref": "LogicalRouterPortCounters,
"readonly": true,
"required": false
},
"tx": {
"$ref": "LogicalRouterPortCounters,
"readonly": true,
"required": false
}
},
"title": "Tier0 or Tier1 interface statistics on specific Enforcement Point",
"type": "object"
}
PolicyL2TablesParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "TransportNodeIdParameters
},
"id": "PolicyL2TablesParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"enforcement_point_path": {
"description": "Enforcement point path.",
"title": "String Path of the enforcement point",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
},
"transport_node_id": {
"required": false,
"title": "TransportNode Id",
"type": "string"
}
},
"title": "Layer-2 table request parameters",
"type": "object"
}
PolicyLabel (type)
{
"additionalProperties": false,
"description": "Label to reference group of policy entities of same type.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyLabel",
"module_id": "PolicyLabel",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"refs": {
"description": "Policy entity paths referred by the label instance",
"items": {
"type": "string"
},
"required": false,
"title": "Policy entity paths referred by the label instance",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyLabel"
],
"relationshipType": "LABEL_REFS_RELATIONSHIP",
"rightType": []
}
]
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"type": {
"description": "Policy intent entity type from PolicyResourceType",
"required": true,
"title": "Policy intent entity type from PolicyResourceType",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Label to reference group of policy entities of same type.",
"type": "object"
}
PolicyLabelListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyLabelListRequestParameters",
"module_id": "PolicyLabel",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "PolicyLabel list request parameters",
"type": "object"
}
PolicyLabelListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyLabelListResult",
"module_id": "PolicyLabel",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyLabel
},
"required": true,
"title": "Policy label list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Domains",
"type": "object"
}
PolicyLatencyStatProfile (type)
{
"description": "Latency stat service profile",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyLatencyStatProfile",
"module_id": "PolicyLatency",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"applied_to_group_path": {
"description": "The Policy group path to apply the latency profile.",
"title": "Binding Policy group path",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pnic_latency_enabled": {
"default": false,
"description": "Enable or Disable pnic latency.",
"readonly": false,
"title": "Pnic latency enablement flag",
"type": "boolean"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sampling_interval": {
"description": "Event nth milliseconds packet is sampled. When a value less than 1000 is given, the realized sampling interval will be 1000 milliseconds.",
"maximum": 1000000,
"minimum": 1,
"title": "Latency sampling interval",
"type": "integer"
},
"sampling_rate": {
"description": "Event nth packet is sampled.",
"maximum": 1000000,
"minimum": 100,
"title": "Latency sampling rate",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Latency Stat Profile",
"type": "object"
}
PolicyLatencyStatProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyLatencyStatProfileListRequestParameters",
"module_id": "PolicyLatency",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Latency profile request parameters",
"type": "object"
}
PolicyLatencyStatProfileListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "PolicyLatencyStatProfileListResult",
"module_id": "PolicyLatency",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Latency stat profile list.",
"items": {
"$ref": "PolicyLatencyStatProfile
},
"readonly": true,
"required": false,
"title": "Latency Stat Profile List",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "List of latency profile",
"type": "object"
}
PolicyListL2TablesParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListByNodeIdParameters
},
"id": "PolicyListL2TablesParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "Enforcement point path.",
"title": "String Path of the enforcement point",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
},
"transport_node_id": {
"required": false,
"title": "TransportNode Id",
"type": "string"
}
},
"title": "Layer-2 table list request parameters",
"type": "object"
}
PolicyListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "PolicyListRequestParameters",
"module_id": "Policy",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy list request parameters",
"type": "object"
}
PolicyListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "PolicyListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of security policies",
"type": "object"
}
PolicyLiveTraceActionConfig (type)
{
"additionalProperties": false,
"id": "PolicyLiveTraceActionConfig",
"module_id": "PolicyConnectivity",
"properties": {
"pktcap_config": {
"$ref": "LiveTracePacketGranularActionConfig,
"required": false,
"title": "Configuration of packet capture action"
},
"trace_config": {
"$ref": "LiveTracePacketGranularActionConfig,
"required": false,
"title": "Configuration of trace action"
}
},
"title": "Livetrace action configuration",
"type": "object"
}
PolicyMetadataProxyStatistics (type)
{
"id": "PolicyMetadataProxyStatistics",
"module_id": "PolicyMetadataProxy",
"properties": {
"metadata_proxy_path": {
"required": true,
"title": "Policy path of metadata proxy configuration",
"type": "string"
},
"statistics": {
"items": {
"$ref": "MetadataProxyStatisticsPerSegment
},
"required": false,
"title": "Metadata Proxy statistics per segment",
"type": "array"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"required": true,
"title": "timestamp of the statistics"
}
},
"type": "object"
}
PolicyMetadataProxyStatus (type)
{
"additionalProperties": false,
"id": "PolicyMetadataProxyStatus",
"module_id": "PolicyMetadataProxy",
"properties": {
"error_message": {
"required": false,
"title": "Error message, if available",
"type": "string"
},
"proxy_status": {
"description": "UP means the metadata proxy is working fine on both transport-nodes(if configured); DOWN means the metadata proxy is is down on both transport-nodes(if configured), hence the metadata proxy will not repsond to any metadata request; Error means there is an error on transport-node(s) or no status is reported from transport-node(s). The metadata proxy may be working (or not working); NO_BACK means metadata proxy is working on one of the transport node while not in the other transport-node (if configured). If the metadata proxy on the working transport-node goes down, the metadata proxy will go down.",
"enum": [
"UP",
"DOWN",
"ERROR",
"NO_BACKUP"
],
"required": true,
"type": "string"
},
"transport_nodes": {
"description": "Order of the transport nodes is insensitive because Metadata Proxy is running in Active-Active mode among target transport nodes.",
"items": {
"type": "string"
},
"required": true,
"title": "ids of transport nodes where this metadata proxy is running",
"type": "array"
}
},
"type": "object"
}
PolicyMulticastConfig (type)
{
"additionalProperties": false,
"description": "Multicast routing configuration.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyMulticastConfig",
"module_id": "PolicyMulticast",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": false,
"description": "Enable/disable Multicast Configuration.",
"required": false,
"title": "Enable/disable Multicast Configuration",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"igmp_profile_path": {
"description": "Updates to IGMP profile applied on all Tier0 gateways consuming the configuration.",
"required": false,
"title": "Policy path to IGMP profile",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyMulticastConfig"
],
"relationshipType": "MULTICAST_IGMP_RELATIONSHIP",
"rightType": [
"PolicyIgmpProfile"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pim_profile_path": {
"description": "Updates to PIM profile applied on all Tier0 gateways consuming the configuration.",
"required": false,
"title": "Policy path to PIM profile",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyMulticastConfig"
],
"relationshipType": "MULTICAST_PIM_RELATIONSHIP",
"rightType": [
"PolicyPimProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"replication_multicast_range": {
"description": "Replication multicast range. Required when enabled.",
"format": "ipv4-cidr-block",
"required": false,
"title": "Replication multicast range",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Multicast routing configuration",
"type": "object"
}
PolicyNATRuleCounters (type)
{
"additionalProperties": false,
"description": "Gives the statistics count of a NAT rule.",
"id": "PolicyNATRuleCounters",
"module_id": "PolicyNAT",
"properties": {
"active_sessions": {
"description": "Gives the total number of active sessions.",
"readonly": true,
"title": "Active sessions",
"type": "integer"
},
"total_bytes": {
"description": "Gives the total number of bytes.",
"readonly": true,
"title": "Total bytes",
"type": "integer"
},
"total_packets": {
"description": "Gives the total number of packets.",
"readonly": true,
"title": "Total packets",
"type": "integer"
}
},
"title": "Statistics count",
"type": "object"
}
PolicyNat (type)
{
"additionalProperties": false,
"description": "Represents NAT section. This object is created by default when corresponding tier-0/tier-1 is created. Under tier-0/tier-1 there will be 4 different NATs(sections). (INTERNAL, USER, DEFAULT and NAT64).",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyNat",
"module_id": "PolicyNAT",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"nat_type": {
"description": "Represents a NAT section under tier-0/tier-1.",
"enum": [
"INTERNAL",
"USER",
"DEFAULT",
"NAT64"
],
"title": "NAT section under tier-0/tier-1",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Contains list of NAT Rules",
"type": "object"
}
PolicyNatListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyNatListRequestParameters",
"module_id": "PolicyNAT",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "NAT list request parameters",
"type": "object"
}
PolicyNatListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyNatListResult",
"module_id": "PolicyNAT",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyNat
},
"required": true,
"title": "NAT list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of NAT Types",
"type": "object"
}
PolicyNatRule (type)
{
"additionalProperties": false,
"description": "Represents a NAT rule between source and destination at T0/T1 router.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyNatRule",
"module_id": "PolicyNAT",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"description": "Source NAT(SNAT) - translates a source IP address in an outbound packet so that the packet appears to originate from a different network. SNAT is only supported when the logical router is running in active-standby mode. Destination NAT(DNAT) - translates the destination IP address of inbound packets so that packets are delivered to a target address into another network. DNAT is only supported when the logical router is running in active-standby mode. Reflexive NAT(REFLEXIVE) - IP-Range and CIDR are supported to define the \"n\". The number of original networks should be exactly the same as that of translated networks. The address translation is deterministic. Reflexive is supported on both Active/Standby and Active/Active LR. NO_SNAT and NO_DNAT - These do not have support for translated_fields, only source_network and destination_network fields are supported. NAT64 - translates an external IPv6 address to a internal IPv4 address.",
"enum": [
"SNAT",
"DNAT",
"REFLEXIVE",
"NO_SNAT",
"NO_DNAT",
"NAT64"
],
"required": true,
"title": "Represents action of NAT Rule SNAT, DNAT, REFLEXIVE",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destination_network": {
"$ref": "IPElementList,
"description": "This supports single IP address or comma separated list of single IP addresses or CIDR. This does not support IP range or IP sets. For DNAT and NO_DNAT rules, this is a mandatory field, and represents the destination network for the incoming packets. For other type of rules, optionally it can contain destination network of outgoing packets. NULL value for this field represents ANY network.",
"required": false,
"title": "Represents the destination network"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "The flag, which suggests whether the NAT rule is enabled or disabled. The default is True.",
"title": "Policy NAT Rule enabled flag",
"type": "boolean"
},
"firewall_match": {
"default": "MATCH_INTERNAL_ADDRESS",
"description": "It indicates how the firewall matches the address after NATing if firewall stage is not skipped. MATCH_EXTERNAL_ADDRESS indicates the firewall will be applied to external address of a NAT rule. For SNAT, the external address is the translated source address after NAT is done. For DNAT, the external address is the original destination address before NAT is done. For REFLEXIVE, to egress traffic, the firewall will be applied to the translated source address after NAT is done; To ingress traffic, the firewall will be applied to the original destination address before NAT is done. MATCH_INTERNAL_ADDRESS indicates the firewall will be applied to internal address of a NAT rule. For SNAT, the internal address is the original source address before NAT is done. For DNAT, the internal address is the translated destination address after NAT is done. For REFLEXIVE, to egress traffic, the firewall will be applied to the original source address before NAT is done; To ingress traffic, the firewall will be applied to the translated destination address after NAT is done. BYPASS indicates the firewall stage will be skipped. For NO_SNAT or NO_DNAT, it must be BYPASS or leave it unassigned",
"enum": [
"MATCH_EXTERNAL_ADDRESS",
"MATCH_INTERNAL_ADDRESS",
"BYPASS"
],
"required": false,
"title": "Represents the firewall match flag",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"logging": {
"default": false,
"description": "The flag, which suggests whether the logging of NAT rule is enabled or disabled. The default is False.",
"title": "Policy NAT Rule logging flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"scope": {
"description": "Represents the array of policy paths of ProviderInterface or NetworkInterface or labels of type ProviderInterface or NetworkInterface or IPSecVpnSession on which the NAT rule should get enforced. The interfaces must belong to the same router for which the NAT Rule is created.",
"items": {
"type": "string"
},
"required": false,
"title": "Array of policy paths of labels, ProviderInterface, NetworkInterface",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyNatRule"
],
"relationshipType": "NAT_RULE_SCOPE_RELATIONSHIP",
"rightType": [
"Tier1Interface",
"Tier0Interface",
"PolicyLabel",
"Tier1",
"Tier0"
]
}
]
},
"sequence_number": {
"default": 0,
"description": "The sequence_number decides the rule_priority of a NAT rule. Sequence_number and rule_priority have 1:1 mapping.For each NAT section, there will be reserved rule_priority numbers.The valid range of rule_priority number is from 0 to 2147483647(MAX_INT). 1. INTERNAL section rule_priority reserved from 0 - 1023 (1024 rules) valid sequence_number range 0 - 1023 2. USER section rule_priority reserved from 1024 - 2147482623 (2147481600 rules) valid sequence_number range 0 - 2147481599 3. DEFAULT section rule_priority reserved from 2147482624 - 2147483647 (1024 rules) valid sequence_number range 0 - 1023",
"title": "Sequence number of the Nat Rule",
"type": "int"
},
"service": {
"description": "It represents the path of Service on which the NAT rule will be applied. If not provided or if it is blank then Policy manager will consider it as ANY. Please note, if this is a DNAT, the destination_port of the service will be realized on NSX Manager as the translated_port. And if this is a SNAT, the destination_port will be ignored.",
"required": false,
"title": "Represents the service on which the NAT rule will be applied",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyNatRule"
],
"relationshipType": "NAT_RULE_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
}
]
},
"source_network": {
"$ref": "IPElementList,
"description": "This supports single IP address or comma separated list of single IP addresses or CIDR. This does not support IP range or IP sets. For SNAT, NO_SNAT, NAT64 and REFLEXIVE rules, this is a mandatory field and represents the source network of the packets leaving the network. For DNAT and NO_DNAT rules, optionally it can contain source network of incoming packets. NULL value for this field represents ANY network.",
"required": false,
"title": "Represents the source network address"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"translated_network": {
"$ref": "IPElementList,
"description": "This supports single IP address or comma separated list of single IP addresses or CIDR. This does not support IP range or IP sets. For SNAT, DNAT, NAT64 and REFLEXIVE rules, this ia a mandatory field, which represents the translated network address. For NO_SNAT and NO_DNAT this should be empty.",
"required": false,
"title": "Represents the translated network address"
},
"translated_ports": {
"$ref": "PortElement,
"description": "Please note, if there is service configured in this NAT rule, the translated_port will be realized on NSX Manager as the destination_port. If there is no sevice configured, the port will be ignored.",
"required": false,
"title": "Port number or port range"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Represents a NAT rule between source and destination at T0/T1 router",
"type": "object"
}
PolicyNatRuleListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyNatRuleListRequestParameters",
"module_id": "PolicyNAT",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "NAT Rule list request parameters",
"type": "object"
}
PolicyNatRuleListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyNatRuleListResult",
"module_id": "PolicyNAT",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyNatRule
},
"required": true,
"title": "NAT Rules list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of NAT Rules",
"type": "object"
}
PolicyNatRuleStatistics (type)
{
"additionalProperties": false,
"description": "Gives the Statistics of a NAT rule.",
"extends": {
"$ref": "PolicyNATRuleCounters
},
"id": "PolicyNatRuleStatistics",
"module_id": "PolicyNAT",
"properties": {
"active_sessions": {
"description": "Gives the total number of active sessions.",
"readonly": true,
"title": "Active sessions",
"type": "integer"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated.",
"readonly": true,
"title": "Last update timestamp"
},
"total_bytes": {
"description": "Gives the total number of bytes.",
"readonly": true,
"title": "Total bytes",
"type": "integer"
},
"total_packets": {
"description": "Gives the total number of packets.",
"readonly": true,
"title": "Total packets",
"type": "integer"
},
"warning_message": {
"description": "The warning message about the NAT Rule Statistics.",
"readonly": true,
"title": "Warning Message",
"type": "string"
}
},
"title": "Statistics of NAT Rule",
"type": "object"
}
PolicyNatRuleStatisticsListRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameter to get NAT rule statistics.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyNatRuleStatisticsListRequestParameters",
"module_id": "PolicyNAT",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "Enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "NAT Rule statistics list request parameters",
"type": "object"
}
PolicyNatRuleStatisticsListResult (type)
{
"additionalProperties": false,
"description": "Gives the collection of NAT rule statistics per enforcement point.",
"extends": {
"$ref": "ListResult
},
"id": "PolicyNatRuleStatisticsListResult",
"module_id": "PolicyNAT",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyNatRuleStatisticsPerEnforcementPoint
},
"required": true,
"title": "NAT rules statistics per enforcement point",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Collection of NAT Rule statistics",
"type": "object"
}
PolicyNatRuleStatisticsPerEnforcementPoint (type)
{
"additionalProperties": false,
"description": "Gives the statistics of a NAT rule per enforcement point.",
"id": "PolicyNatRuleStatisticsPerEnforcementPoint",
"module_id": "PolicyNAT",
"properties": {
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point from where the statistics are fetched.",
"title": "Enforcement point Path",
"type": "string"
},
"rule_path": {
"description": "Path of NAT Rule.",
"title": "Path of NAT Rule",
"type": "string"
},
"rule_statistics": {
"description": "Gives NAT rule stats on an enforcement point.",
"items": {
"$ref": "PolicyNatRuleStatistics
},
"readonly": true,
"title": "Rule statistics per enforcement point",
"type": "array"
}
},
"title": "Statistics of NAT Rule per enforcement point",
"type": "object"
}
PolicyNatRuleStatisticsPerLogicalRouter (type)
{
"additionalProperties": false,
"description": "Gives the statistics of a NAT rule per logical router on specified enforcement point.",
"id": "PolicyNatRuleStatisticsPerLogicalRouter",
"module_id": "PolicyNAT",
"properties": {
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point from where the statistics are fetched.",
"title": "Enforcement point Path",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated.",
"readonly": true,
"title": "Last update timestamp"
},
"per_node_statistics": {
"description": "Detailed Rule statistics per logical router.",
"items": {
"$ref": "PolicyNatRuleStatisticsPerTransportNode
},
"readonly": true,
"title": "Detailed Rule statistics",
"type": "array"
},
"router_path": {
"description": "Path of the router.",
"title": "Router path",
"type": "string"
},
"statistics": {
"$ref": "PolicyNATRuleCounters,
"description": "Rolled up statistics for all rules on the logical router.",
"readonly": true,
"title": "Rolled up statistics"
}
},
"title": "Statistics of NAT Rule per logical router",
"type": "object"
}
PolicyNatRuleStatisticsPerLogicalRouterListResult (type)
{
"additionalProperties": false,
"description": "Gives the collection of NAT rule statistics per logical router on specified enforcement point.",
"extends": {
"$ref": "ListResult
},
"id": "PolicyNatRuleStatisticsPerLogicalRouterListResult",
"module_id": "PolicyNAT",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyNatRuleStatisticsPerLogicalRouter
},
"required": true,
"title": "NAT rules statistics per logical router",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Collection of NAT rule statistics per logical router",
"type": "object"
}
PolicyNatRuleStatisticsPerTransportNode (type)
{
"additionalProperties": false,
"description": "Gives the Statistics of a NAT rule.",
"extends": {
"$ref": "PolicyNATRuleCounters
},
"id": "PolicyNatRuleStatisticsPerTransportNode",
"module_id": "PolicyNAT",
"properties": {
"active_sessions": {
"description": "Gives the total number of active sessions.",
"readonly": true,
"title": "Active sessions",
"type": "integer"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated.",
"readonly": true,
"title": "Last update timestamp"
},
"total_bytes": {
"description": "Gives the total number of bytes.",
"readonly": true,
"title": "Total bytes",
"type": "integer"
},
"total_packets": {
"description": "Gives the total number of packets.",
"readonly": true,
"title": "Total packets",
"type": "integer"
},
"transport_node_path": {
"description": "Policy path of the Edge Node.",
"readonly": true,
"title": "Node path",
"type": "string"
}
},
"title": "Statistics of NAT Rule",
"type": "object"
}
PolicyNonCompliantConfig (type)
{
"id": "PolicyNonCompliantConfig",
"module_id": "PolicyCompliance",
"properties": {
"affected_resources": {
"description": "Resources/Services impacted by non compliant configuration",
"items": {
"$ref": "PolicyResourceReference
},
"readonly": true,
"title": "Resources/Services impacted by non compliant configuration",
"type": "array"
},
"description": {
"readonly": true,
"title": "Detail description of non compliant configuration with suggestive action",
"type": "string"
},
"non_compliance_code": {
"readonly": true,
"title": "Code for non compliant configuration",
"type": "integer"
},
"reported_by": {
"$ref": "PolicyResourceReference,
"readonly": true,
"title": "Id and name of non compliant resource/service"
}
},
"type": "object"
}
PolicyNsLookupParameters (type)
{
"extends": {
"$ref": "PolicyRuntimeOnEpRequestParameters
},
"id": "PolicyNsLookupParameters",
"module_id": "PolicyDnsForwarder",
"properties": {
"address": {
"required": false,
"title": "IP address or FQDN for nslookup",
"type": "string"
},
"enforcement_point_path": {
"description": "enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
}
},
"type": "object"
}
PolicyPimProfile (type)
{
"additionalProperties": false,
"description": "PIM profile.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyPimProfile",
"module_id": "PolicyMulticast",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"bsm_enabled": {
"default": true,
"description": "Enable/disable bootstrap messaging Configuration.",
"required": false,
"title": "Enable/disable bootstrap messaging Configuration",
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rp_address": {
"$ref": "IPAddress,
"description": "Static IPv4 multicast address configuration.",
"required": false,
"title": "Static IPv4 multicast address configuration"
},
"rp_address_multicast_ranges": {
"description": "Static IPv4 multicast address and assciated multicast groups configuration.",
"items": {
"$ref": "RpAddressMulticastRanges
},
"required": false,
"title": "Static IPv4 multicast address and assciated multicast groups configuration",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "PIM profile",
"type": "object"
}
PolicyPoolUsage (type)
{
"additionalProperties": false,
"description": "IP usage statistics in a IpAddressPool.",
"id": "PolicyPoolUsage",
"module_id": "PolicyIpam",
"properties": {
"allocated_ip_allocations": {
"description": "Total number of allocated IPs shown are from NSX manager. NSX manager uses default release delay of 2 mins. Till this delay passes, IPs will be shown as allocated (and counted in allocated ips). In this period of time there could be mismatch in requested_ip_allocations and allocated_ip_allocations.",
"readonly": true,
"title": "Total number of allocated IPs in a IpAddressPool",
"type": "integer"
},
"available_ips": {
"readonly": true,
"title": "Total number of available IPs in a IpAddressPool",
"type": "integer"
},
"requested_ip_allocations": {
"readonly": true,
"title": "Total number of requested IP allocations in a IpAddressPool",
"type": "integer"
},
"total_ips": {
"readonly": true,
"title": "Total number of IPs in a IpAddressPool",
"type": "integer"
}
},
"type": "object"
}
PolicyRealizedResource (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Abstract base class for all the realized policy objects",
"extends": {
"$ref": "PolicyResource
},
"id": "PolicyRealizedResource",
"module_id": "PolicyRealizedState",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alarms": {
"items": {
"$ref": "PolicyAlarmResource
},
"required": false,
"title": "Alarm info detail",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"intent_reference": {
"items": {
"type": "string"
},
"required": false,
"title": "Desire state paths of this object",
"type": "array"
},
"operational_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, FAILURE This list is not exhaustive.",
"required": false,
"title": "String representation of operational status",
"type": "string"
},
"operational_status_error": {
"description": "It defines the root cause for operational status error.",
"required": false,
"title": "String representation of operational status error",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"publish_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, SUCCESS This list is not exhaustive.",
"required": false,
"title": "String representation of publish status",
"type": "string"
},
"publish_status_error": {
"description": "It defines the root cause for publish status error.",
"required": false,
"title": "String representation of publish status error",
"type": "string"
},
"publish_status_error_code": {
"description": "It defines error code for publish status error.",
"required": false,
"title": "Represents error code for publish status.",
"type": "int"
},
"publish_status_error_details": {
"description": "Error details for publish status.",
"items": {
"$ref": "ConfigurationStateElement
},
"required": false,
"title": "Details for publich status error.",
"type": "array"
},
"realization_api": {
"required": false,
"title": "Realization API of this object on enforcement point",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"realization_specific_identifier": {
"required": false,
"title": "Realization id of this object",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"runtime_error": {
"description": "It define the root cause for runtime error.",
"required": false,
"title": "String representation of runtime error",
"type": "string"
},
"runtime_status": {
"deprecated": true,
"description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.",
"required": false,
"title": "String representation of runtime status",
"type": "string"
},
"state": {
"enum": [
"UNAVAILABLE",
"UNREALIZED",
"REALIZED",
"ERROR"
],
"required": true,
"title": "Realization state of this object",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Abstract base class for all the realized policy objects",
"type": "object"
}
PolicyRelatedApiError (type)
{
"id": "PolicyRelatedApiError",
"module_id": "PolicyRealizedState",
"properties": {
"details": {
"title": "Further details about the error",
"type": "string"
},
"error_code": {
"title": "A numeric error code",
"type": "integer"
},
"error_data": {
"title": "Additional data about the error",
"type": "object"
},
"error_message": {
"title": "A description of the error",
"type": "string"
},
"module_name": {
"title": "The module name where the error occurred",
"type": "string"
}
},
"title": "Detailed information about errors from API call to an enforcement point",
"type": "object"
}
PolicyRequestParameter (type)
{
"additionalProperties": false,
"description": "Optional API Request Parameter to be used in HAPI.",
"id": "PolicyRequestParameter",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"description": "The type of this request parameter.",
"readonly": false,
"required": true,
"type": "string"
}
},
"title": "Represents optional API request parameter to be used in HAPI",
"type": "object"
}
PolicyResource (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Abstract base class for all the policy objects.",
"extends": {
"$ref": "ManagedResource
},
"id": "PolicyResource",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Abstract base class for all the policy objects",
"type": "object"
}
PolicyResourceReference (type)
{
"additionalProperties": false,
"description": "Policy resource reference.",
"extends": {
"$ref": "ResourceReference
},
"id": "PolicyResourceReference",
"module_id": "Policy",
"properties": {
"is_valid": {
"description": "Will be set to false if the referenced NSX resource has been deleted.",
"readonly": true,
"required": false,
"title": "Target validity",
"type": "boolean"
},
"path": {
"description": "Absolute path of this object.",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"target_display_name": {
"description": "Display name of the NSX resource.",
"maxLength": 255,
"readonly": true,
"required": false,
"title": "Target display name",
"type": "string"
},
"target_id": {
"description": "Identifier of the NSX resource.",
"maxLength": 64,
"readonly": false,
"required": false,
"title": "Target ID",
"type": "string"
},
"target_type": {
"description": "Type of the NSX resource.",
"maxLength": 255,
"readonly": false,
"required": false,
"title": "Target type",
"type": "string"
}
},
"title": "Policy resource reference",
"type": "object"
}
PolicyResourceReferenceForEP (type)
{
"additionalProperties": false,
"description": "Policy resource reference for enforcement point",
"extends": {
"$ref": "PolicyResourceReference
},
"id": "PolicyResourceReferenceForEP",
"module_id": "PolicyGroupRealization",
"properties": {
"is_valid": {
"description": "Will be set to false if the referenced NSX resource has been deleted.",
"readonly": true,
"required": false,
"title": "Target validity",
"type": "boolean"
},
"path": {
"description": "Absolute path of this object.",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"target_display_name": {
"description": "Display name of the NSX resource.",
"maxLength": 255,
"readonly": true,
"required": false,
"title": "Target display name",
"type": "string"
},
"target_id": {
"description": "Identifier of the NSX resource.",
"maxLength": 64,
"readonly": false,
"required": false,
"title": "Target ID",
"type": "string"
},
"target_type": {
"description": "Type of the NSX resource.",
"maxLength": 255,
"readonly": false,
"required": false,
"title": "Target type",
"type": "string"
}
},
"title": "Policy resource reference for enforcement point",
"type": "object"
}
PolicyResourceReferenceForEPListResult (type)
{
"additionalProperties": false,
"description": "Paginated collection of policy resource references for enforcement point",
"extends": {
"$ref": "ListResult
},
"id": "PolicyResourceReferenceForEPListResult",
"module_id": "PolicyGroupRealization",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyResourceReferenceForEP
},
"required": true,
"title": "Paged Collection of policy resource references for enforcement point",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy resource reference list for enforcement point",
"type": "object"
}
PolicyResourceReferenceListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyResourceReferenceListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyResourceReference
},
"required": true,
"title": "Policy resource references list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of PolicyResourceReference",
"type": "object"
}
PolicyRuntimeAlarm (type)
{
"description": "Alarm associated with the PolicyRuntimeInfoPerEP that exposes potential errors when retrieving runtime information from the enforcement point.",
"id": "PolicyRuntimeAlarm",
"module_id": "PolicyBaseStatistics",
"properties": {
"error_details": {
"$ref": "PolicyApiError,
"description": "Detailed information about errors from an API call made to the enforcement point, if any.",
"readonly": true,
"title": "Error Detailed Information"
},
"error_id": {
"description": "Alarm error id.",
"readonly": true,
"title": "Alarm Error Id",
"type": "string"
},
"message": {
"description": "Error message describing the issue.",
"readonly": true,
"title": "Error Message to Describe the Issue",
"type": "string"
}
},
"title": "Alarm of PolicyRuntimeInfoPerEP",
"type": "object"
}
PolicyRuntimeInfoPerEP (type)
{
"abstract": true,
"description": "Runtime Info Per Enforcement Point.",
"id": "PolicyRuntimeInfoPerEP",
"module_id": "PolicyBaseStatistics",
"properties": {
"alarm": {
"$ref": "PolicyRuntimeAlarm,
"description": "Alarm information details.",
"readonly": true,
"title": "Alarm Information Details"
},
"enforcement_point_path": {
"description": "Policy Path referencing the enforcement point where the info is fetched.",
"readonly": true,
"title": "Enforcement point Path",
"type": "string"
}
},
"title": "PolicyRuntimeInfoPerEP",
"type": "object"
}
PolicyRuntimeOnEpRequestParameters (type)
{
"description": "Request parameters that represents an enforcement point path. A request on runtime information can be parameterized with this path and will be evaluated as follows: - no enforcement point path specified: the request is evaluated on all enforcement points. - an enforcement point path is specified: the request is evaluated only on the given enforcement point.",
"id": "PolicyRuntimeOnEpRequestParameters",
"module_id": "PolicyBaseStatistics",
"properties": {
"enforcement_point_path": {
"description": "enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
}
},
"title": "Request Parameters for Policy Runtime on enforcement point",
"type": "object"
}
PolicyRuntimeRequestParameters (type)
{
"description": "Request parameters that represents an enforcement point path and data source. A request on runtime information can be parameterized with this pair and will be evaluted as follows: - no enforcement point path specified: the request is evaluated on all enforcement points. - an enforcement point path is specified: the request is evaluated only on the given enforcement point.",
"extends": {
"$ref": "DataSourceParameters
},
"id": "PolicyRuntimeRequestParameters",
"module_id": "PolicyBaseStatistics",
"properties": {
"enforcement_point_path": {
"description": "enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
}
},
"title": "Request Parameters for Policy Runtime Information",
"type": "object"
}
PolicySIExcludeList (type)
{
"additionalProperties": false,
"description": "List of entities where Service Insertion will not be enforced. Exclusion List can contain PolicyGroup(s) or SegmentPort(s) or Segment(s).",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicySIExcludeList",
"module_id": "PolicyServiceInsertion",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"members": {
"description": "List of the members in the exclude list",
"items": {
"type": "string"
},
"maxItems": 100,
"required": true,
"title": "ExcludeList member list",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicySIExcludeList"
],
"relationshipType": "SI_EXCLUDE_LIST_RELATIONSHIP",
"rightType": [
"Segment",
"SegmentPort",
"Group"
]
}
]
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Service Insertion Exclusion List",
"type": "object"
}
PolicySIStatusConfiguration (type)
{
"description": "It represents status of Service Insertion for North-South and East-West context types.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicySIStatusConfiguration",
"module_id": "PolicyServiceInsertion",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"east_west_enabled": {
"default": false,
"description": "If set to true, service insertion for east-west traffic is enabled.",
"title": "East-West status flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"north_south_enabled": {
"default": false,
"description": "If set to true, service insertion for north-south traffic is enabled.",
"title": "North-South status flag",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Service Insertion Status",
"type": "object"
}
PolicyServiceChain (type)
{
"description": "Service chain is a set of network Services. A Service chain is made up of ordered list of service profiles belonging to any same or different services.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyServiceChain",
"module_id": "PolicyServiceInsertion",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"failure_policy": {
"default": "ALLOW",
"description": "Failure policy for the service defines the action to be taken i.e to allow or to block the traffic during failure scenarios.",
"enum": [
"ALLOW",
"BLOCK"
],
"readonly": false,
"required": false,
"title": "Failure Policy",
"type": "string"
},
"forward_path_service_profiles": {
"description": "Forward path service profiles are applied to ingress traffic.",
"items": {
"type": "string"
},
"maxItems": 4,
"readonly": false,
"required": true,
"title": "Forward path service profiles",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyServiceChain"
],
"relationshipType": "SERVICE_CHAIN_TO_SERVICE_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyServiceProfile"
]
}
]
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"path_selection_policy": {
"default": "ANY",
"description": "Path selection policy can be - ANY - Service Insertion is free to redirect to any service path regardless of any load balancing considerations or flow pinning. LOCAL - Preference to be given to local service insances. REMOTE - Preference to be given to the SVM co-located on the same host. ROUND_ROBIN - All active service paths are hit with equal probability.",
"enum": [
"ANY",
"LOCAL",
"REMOTE",
"ROUND_ROBIN"
],
"readonly": false,
"required": false,
"title": "Path Selection Policy",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"reverse_path_service_profiles": {
"description": "Reverse path service profiles are applied to egress traffic and is optional. 2 different set of profiles can be defined for forward and reverse path. If not defined, the reverse of the forward path service profile is applied.",
"items": {
"type": "string"
},
"maxItems": 4,
"readonly": false,
"required": false,
"title": "Reverse path service profiles",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyServiceChain"
],
"relationshipType": "SERVICE_CHAIN_TO_SERVICE_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyServiceProfile"
]
}
]
},
"service_segment_path": {
"description": "Path to service segment using which the traffic needs to be redirected.",
"items": {
"type": "string"
},
"maxItems": 1,
"minItems": 1,
"readonly": false,
"required": true,
"title": "Path to service segment",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyServiceChain"
],
"relationshipType": "SERVICE_CHAIN_TO_SERVICE_SEGMENT_RELATIONSHIP",
"rightType": [
"ServiceSegment"
]
}
]
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy Service Chain",
"type": "object"
}
PolicyServiceInstance (type)
{
"additionalProperties": false,
"description": "Represents an instance of partner Service and its configuration.",
"extends": {
"$ref": "BasePolicyServiceInstance
},
"id": "PolicyServiceInstance",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "PolicyServiceInstance"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"attributes": {
"description": "List of attributes specific to a partner for which the service is created. There attributes are passed on to the partner appliance.",
"items": {
"$ref": "Attribute
},
"maxItems": 128,
"required": true,
"title": "Deployment Template attributes",
"type": "array"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"compute_id": {
"description": "Id of the compute(ResourcePool) to which this service needs to be deployed.",
"required": true,
"title": "Id of the compute resource.",
"type": "string"
},
"context_id": {
"description": "UUID of VCenter/Compute Manager as seen on NSX Manager, to which this service needs to be deployed.",
"required": false,
"title": "Id of the compute manager",
"type": "string"
},
"deployment_mode": {
"default": "ACTIVE_STANDBY",
"description": "Deployment mode specifies how the partner appliance will be deployed i.e. in HA or standalone mode.",
"enum": [
"STAND_ALONE",
"ACTIVE_STANDBY"
],
"readonly": false,
"required": false,
"title": "Deployment Mode",
"type": "string"
},
"deployment_spec_name": {
"description": "Form factor for the deployment of partner service.",
"required": true,
"title": "Name of the Deployment Specification",
"type": "string"
},
"deployment_template_name": {
"description": "Template for the deployment of partnet service.",
"required": true,
"title": "Name of the Deployment Template",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"failure_policy": {
"default": "BLOCK",
"description": "Failure policy for the Service VM. If this values is not provided, it will be defaulted to FAIL_CLOSE.",
"enum": [
"ALLOW",
"BLOCK"
],
"required": false,
"title": "Failure policy for the Service VM",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"partner_service_name": {
"description": "Unique name of Partner Service in the Marketplace",
"required": true,
"title": "Name of Partner Service",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"primary_gateway_address": {
"$ref": "IPElement,
"description": "Gateway address for primary management console. If the provided segment already has gateway, this field can be omitted. But if it is provided, it takes precedence always. However, if provided segment does not have gateway, this field must be provided.",
"required": false,
"title": "Gateway for primary management console"
},
"primary_interface_mgmt_ip": {
"$ref": "IPElement,
"description": "Management IP Address of primary interface of the Service",
"required": true,
"title": "Management IP Address of primary interface of the Service"
},
"primary_interface_network": {
"description": "Path of the segment to which primary interface of the Service VM needs to be connected",
"required": false,
"title": "Path of the segment to which primary interface of the Service VM needs to be connected",
"type": "string"
},
"primary_portgroup_id": {
"description": "Id of the standard or ditsributed port group for primary management console. Please note that only 1 of the 2 values from 1. primary_interface_network 2. primary_portgroup_id are allowed to be passed. Both can't be passed in the same request.",
"required": false,
"title": "Id of the standard or ditsributed port group for primary management console",
"type": "string"
},
"primary_subnet_mask": {
"$ref": "IPElement,
"description": "Subnet for primary management console IP. If the provided segment already has subnet, this field can be omitted. But if it is provided, it takes precedence always. However, if provided segment does not have subnet, this field must be provided.",
"required": false,
"title": "Subnet for primary management console IP"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"secondary_gateway_address": {
"$ref": "IPElement,
"description": "Gateway address for secondary management console. If the provided segment already has gateway, this field can be omitted. But if it is provided, it takes precedence always. However, if provided segment does not have gateway, this field must be provided.",
"required": false,
"title": "Gateway for secondary management console"
},
"secondary_interface_mgmt_ip": {
"$ref": "IPElement,
"description": "Management IP Address of secondary interface of the Service",
"required": false,
"title": "Management IP Address of secondary interface of the Service"
},
"secondary_interface_network": {
"description": "Path of segment to which secondary interface of the Service VM needs to be connected",
"required": false,
"title": "Path of segment to which secondary interface of the Service VM needs to be connected",
"type": "string"
},
"secondary_portgroup_id": {
"description": "Id of the standard or ditsributed port group for secondary management console. Please note that only 1 of the 2 values from 1. secondary_interface_network 2. secondary_portgroup_id are allowed to be passed. Both can't be passed in the same request.",
"required": false,
"title": "Id of the standard or ditsributed port group for secondary management console",
"type": "string"
},
"secondary_subnet_mask": {
"$ref": "IPElement,
"description": "Subnet for secondary management console IP. If the provided segment already has subnet, this field can be omitted. But if it is provided, it takes precedence always. However, if provided segment does not have subnet, this field must be provided.",
"required": false,
"title": "Subnet for secondary management console IP"
},
"storage_id": {
"description": "Id of the storage(Datastore). VC moref of Datastore to which this service needs to be deployed.",
"required": true,
"title": "Id of the storage",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_type": {
"default": "L2_BRIDGE",
"description": "Transport to be used while deploying Service-VM.",
"enum": [
"L2_BRIDGE",
"L3_ROUTED"
],
"readonly": false,
"required": false,
"title": "Transport Type",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Represents an instance of partner Service and its configuration",
"type": "object"
}
PolicyServiceProfile (type)
{
"description": "Service profile represents specialization of a vendor template. User may provide any of the vendor_template_name or vendor_template_key properties. But in case of multiple vendor templates with the same name, it is recommended to use the vendor_template_key. When both attributes are provided, name is ignored and only key is used to identify the template. If there are multiple templates with same name, and vendor_template_name is provided, realization will fail.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyServiceProfile",
"module_id": "PolicyServiceInsertion",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"attributes": {
"description": "List of attributes specific to a partner for which the service is created. These attributes are passed on to the partner appliance and are opaque to NSX. If a vendor template exposes configurable parameters, then their values are specified here.",
"items": {
"$ref": "Attribute
},
"maxItems": 128,
"readonly": false,
"required": false,
"title": "Service profile attributes",
"type": "array"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"redirection_action": {
"description": "The redirection action represents if the packet is exclusively redirected to the service, or if a copy is forwarded to the service. Redirection action is not applicable to guest introspection service.",
"enum": [
"PUNT",
"COPY"
],
"readonly": false,
"required": false,
"title": "Redirection action",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"vendor_template_key": {
"description": "The vendor template key property of actual vendor template. This should be used when multiple templates with same name exist.",
"required": false,
"title": "Vendor Template Key",
"type": "string"
},
"vendor_template_name": {
"description": "Name of the vendor template for which this Service Profile is being created.",
"readonly": false,
"required": false,
"title": "Vendor template name",
"type": "string"
}
},
"title": "Policy Service Profile for a given Service",
"type": "object"
}
PolicyStatisticsAggregateParameters (type)
{
"additionalProperties": false,
"description": "Request Parameter for aggregating Policy statistics on enforcement point.",
"extends": {
"$ref": "StatisticsRequestParameters
},
"id": "PolicyStatisticsAggregateParameters",
"module_id": "PolicyBaseStatistics",
"properties": {
"action": {
"description": "Action to take on statistics for an object.",
"enum": [
"aggregate"
],
"required": false,
"title": "Action on statistics",
"type": "string"
},
"container_cluster_path": {
"description": "Path to the container cluster entity where the request will be executed.",
"required": false,
"title": "String Path of the Container Cluster entity",
"type": "string"
},
"enforcement_point_path": {
"description": "enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
}
},
"title": "Request Parameters for Policy Statistics Aggregate",
"type": "object"
}
PolicyStatisticsResetParameters (type)
{
"additionalProperties": false,
"description": "Request Parameter for resetting Policy statistics on enforcement point.",
"extends": {
"$ref": "PolicyRuntimeOnEpRequestParameters
},
"id": "PolicyStatisticsResetParameters",
"module_id": "PolicyBaseStatistics",
"properties": {
"action": {
"description": "Action to take on statistics for an object.",
"enum": [
"reset"
],
"required": true,
"title": "Action on statistics",
"type": "string"
},
"enforcement_point_path": {
"description": "enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
}
},
"title": "Request Parameters for Policy Statistics Reset",
"type": "object"
}
PolicySubAttributes (type)
{
"additionalProperties": false,
"id": "PolicySubAttributes",
"module_id": "PolicyContextProfile",
"properties": {
"datatype": {
"enum": [
"STRING"
],
"required": true,
"title": "Datatype for sub attribute",
"type": "string"
},
"key": {
"enum": [
"TLS_CIPHER_SUITE",
"TLS_VERSION",
"CIFS_SMB_VERSION"
],
"required": true,
"title": "Key for sub attribute",
"type": "string"
},
"value": {
"description": "Multiple sub attribute values can be specified as elements of array.",
"items": {
"type": "string"
},
"minItems": 1,
"required": true,
"title": "Value for sub attribute key",
"type": "array",
"uniqueItems": true
}
},
"title": "Policy Sub Attributes data holder",
"type": "object"
}
PolicyTask (type)
{
"abstract": true,
"additionalProperties": false,
"description": "This object holds the information of the task.",
"extends": {
"$ref": "TaskProperties
},
"id": "PolicyTask",
"module_id": "PolicyTask",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"async_response_available": {
"display": {
"order": 13
},
"readonly": true,
"title": "True if response for asynchronous request is available",
"type": "boolean"
},
"cancelable": {
"display": {
"order": 8
},
"readonly": true,
"title": "True if this task can be canceled",
"type": "boolean"
},
"description": {
"display": {
"order": 2
},
"readonly": true,
"title": "Description of the task",
"type": "string"
},
"end_time": {
"$ref": "EpochMsTimestamp,
"display": {
"order": 6
},
"readonly": true,
"title": "The end time of the task in epoch milliseconds"
},
"failure_msg": {
"description": "This property holds the reason of the task failure, if any.",
"readonly": true,
"title": "Reason of the task failure",
"type": "string"
},
"id": {
"display": {
"order": 1
},
"readonly": true,
"title": "Identifier for this task",
"type": "string"
},
"message": {
"display": {
"order": 4
},
"readonly": true,
"title": "A message describing the disposition of the task",
"type": "string"
},
"progress": {
"display": {
"order": 7
},
"maximum": 100,
"minimum": 0,
"readonly": true,
"title": "Task progress if known, from 0 to 100",
"type": "integer"
},
"request_method": {
"display": {
"order": 12
},
"readonly": true,
"title": "HTTP request method",
"type": "string"
},
"request_uri": {
"display": {
"order": 11
},
"readonly": true,
"title": "URI of the method invocation that spawned this task",
"type": "string"
},
"start_time": {
"$ref": "EpochMsTimestamp,
"display": {
"order": 5
},
"readonly": true,
"title": "The start time of the task in epoch milliseconds"
},
"status": {
"$ref": "TaskStatus,
"display": {
"order": 3
},
"readonly": true,
"title": "Current status of the task"
},
"user": {
"display": {
"order": 10
},
"readonly": true,
"title": "Name of the user who created this task",
"type": "string"
}
},
"title": "Task information",
"type": "object"
}
PolicyTepCsvListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "CsvListResult
},
"id": "PolicyTepCsvListResult",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"results": {
"items": {
"$ref": "PolicyTepTableCsvRecord
},
"required": false,
"type": "array"
}
},
"type": "object"
}
PolicyTepListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyTepListResult",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyTepTableEntry
},
"required": false,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "Transport node identifier",
"type": "string"
}
},
"type": "object"
}
PolicyTepTableCsvRecord (type)
{
"additionalProperties": false,
"extends": {
"$ref": "CsvRecord
},
"id": "PolicyTepTableCsvRecord",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"segment_id": {
"description": "This is the identifier of the TEP segment. This segment is NOT the same as logical segment or logical switch.",
"required": false,
"title": "TEP segment identifier",
"type": "string"
},
"tep_ip": {
"$ref": "IPAddress,
"required": false,
"title": "The tunnel endpoint IP address"
},
"tep_label": {
"required": true,
"title": "The tunnel endpoint label",
"type": "integer"
},
"tep_mac_address": {
"required": true,
"title": "The tunnel endpoint MAC address",
"type": "string"
}
},
"type": "object"
}
PolicyTepTableEntry (type)
{
"additionalProperties": false,
"id": "PolicyTepTableEntry",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"segment_id": {
"required": false,
"title": "The segment Id",
"type": "string"
},
"tep_ip": {
"$ref": "IPAddress,
"required": false,
"title": "The tunnel endpoint IP address"
},
"tep_label": {
"required": false,
"title": "The tunnel endpoint label",
"type": "integer"
},
"tep_mac_address": {
"required": false,
"title": "The tunnel endpoint MAC address",
"type": "string"
}
},
"type": "object"
}
PolicyTier1MulticastConfig (type)
{
"additionalProperties": false,
"description": "Multicast routing configuration.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyTier1MulticastConfig",
"module_id": "PolicyMulticast",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": false,
"description": "Enable/disable Multicast Configuration. Whenever service router needs to be added/deleted from tier1, user needs to disable multicast first.",
"required": false,
"title": "Enable/disable Multicast Configuration",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Multicast routing configuration",
"type": "object"
}
PolicyTimeIntervalValue (type)
{
"id": "PolicyTimeIntervalValue",
"module_id": "PolicyFirewallScheduler",
"properties": {
"end_interval": {
"description": "Time in 24 hour and minutes in multiple of 30. Example, 17:30.",
"required": true,
"title": "End time of the interval",
"type": "string"
},
"start_interval": {
"description": "Time in 24 hour and minutes in multiple of 30. Example, 9:00.",
"required": true,
"title": "Start time of the interval",
"type": "string"
}
},
"title": "Time interval on which firewall schedule will be applicable",
"type": "object"
}
PolicyTlsConfigProfile (type)
{
"description": "A profile holding tls configuration.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyTlsConfigProfile",
"module_id": "PolicyTlsConfigProfile",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"cache": {
"default": false,
"description": "Turn on TLS cache",
"readonly": false,
"required": true,
"title": "Turn on TLS cache",
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"ssl_cache_size": {
"description": "TLS SSL cache size",
"readonly": false,
"required": false,
"title": "TLS SSL cache size",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy Tls config profile",
"type": "object"
}
PolicyTlsConfigProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyTlsConfigProfileListRequestParameters",
"module_id": "PolicyTlsConfigProfile",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy TLS config profile list request parameters",
"type": "object"
}
PolicyTlsConfigProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyTlsConfigProfileListResult",
"module_id": "PolicyTlsConfigProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyTlsConfigProfile
},
"required": true,
"title": "Policy TLS config profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Policy TLS config profiles",
"type": "object"
}
PolicyTraceflowObservationDelivered (type)
{
"additionalProperties": false,
"extends": {
"$ref": "TraceflowObservationDelivered
},
"id": "PolicyTraceflowObservationDelivered",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "PolicyTraceflowObservationDelivered"
},
"properties": {
"component_name": {
"readonly": true,
"required": false,
"title": "The name of the component that issued the observation.",
"type": "string"
},
"component_sub_type": {
"$ref": "TraceflowComponentSubType,
"readonly": true,
"required": false,
"title": "The sub type of the component that issued the observation."
},
"component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the component that issued the observation."
},
"interface_path": {
"Description": "The path of the gateway/gateway interface into which the traceflow packet was delivered (e.g.,\nTier1, Tier0 Interface, Tier1 Interface, Service Interface, and Virtual Tunnel Interface).\n",
"title": "Path of gateway or gateway interface",
"type": "string"
},
"lport_id": {
"readonly": true,
"required": false,
"title": "The id of the logical port into which the traceflow packet was delivered",
"type": "string"
},
"lport_name": {
"readonly": true,
"required": false,
"title": "The name of the logical port into which the traceflow packet was delivered",
"type": "string"
},
"resolution_type": {
"description": "This field specifies the resolution type of ARP ARP_SUPPRESSION_PORT_CACHE - ARP request is suppressed by port DB ARP_SUPPRESSION_TABLE - ARP request is suppressed by ARP table ARP_SUPPRESSION_CP_QUERY - ARP request is suppressed by info derived from CP ARP_VM - No suppression and the ARP request is resolved.",
"enum": [
"UNKNOWN",
"ARP_SUPPRESSION_PORT_CACHE",
"ARP_SUPPRESSION_TABLE",
"ARP_SUPPRESSION_CP_QUERY",
"ARP_VM"
],
"readonly": true,
"required": false,
"title": "The resolution type of the delivered message for ARP",
"type": "string"
},
"resource_type": {
"$ref": "TraceflowObservationType,
"default": "TraceflowObservationReceived",
"required": true
},
"segment_port_path": {
"readonly": true,
"required": false,
"title": "The path of the segment port into which the traceflow packet was delivered.",
"type": "string"
},
"sequence_no": {
"description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.",
"readonly": true,
"required": true,
"title": "the sequence number is the traceflow observation hop count",
"type": "integer"
},
"site_path": {
"description": "This field contains the site path where this observation was generated.",
"readonly": true,
"title": "Policy path of the federated site",
"type": "string"
},
"target_mac": {
"description": "The source MAC address of form: \"^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$\". For example: 00:00:00:00:00:00.",
"readonly": true,
"required": false,
"title": "MAC address of the resolved IP by ARP",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the observation was created by the transport node (milliseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node"
},
"timestamp_micro": {
"description": "Timestamp when the observation was created by the transport node (microseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node",
"type": "integer"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "id of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_name": {
"readonly": true,
"required": false,
"title": "name of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": false,
"title": "type of the transport node that observed a traceflow packet"
},
"vlan_id": {
"$ref": "VlanID,
"required": false,
"title": "VLAN on bridged network"
}
},
"type": "object"
}
PolicyTraceflowObservationDropped (type)
{
"additionalProperties": false,
"extends": {
"$ref": "TraceflowObservationDropped
},
"id": "PolicyTraceflowObservationDropped",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "PolicyTraceflowObservationDropped"
},
"properties": {
"acl_rule_id": {
"description": "This field is specified when the traceflow packet matched a L3 firewall rule.",
"readonly": true,
"required": false,
"title": "The id of the L3 firewall rule that was applied to drop the traceflow packet",
"type": "integer"
},
"acl_rule_path": {
"description": "The path of the ACL rule that was applied to forward the traceflow packet",
"readonly": true,
"title": "Access Control List Rule Path",
"type": "string"
},
"arp_fail_reason": {
"description": "This field specifies the ARP fails reason ARP_TIMEOUT - ARP failure due to query control plane timeout ARP_CPFAIL - ARP failure due post ARP query message to control plane failure ARP_FROMCP - ARP failure due to deleting ARP entry from control plane ARP_PORTDESTROY - ARP failure due to port destruction ARP_TABLEDESTROY - ARP failure due to ARP table destruction ARP_NETDESTROY - ARP failure due to overlay network destruction",
"enum": [
"ARP_UNKNOWN",
"ARP_TIMEOUT",
"ARP_CPFAIL",
"ARP_FROMCP",
"ARP_PORTDESTROY",
"ARP_TABLEDESTROY",
"ARP_NETDESTROY"
],
"readonly": true,
"required": false,
"title": "The detailed drop reason of ARP traceflow packet",
"type": "string"
},
"component_name": {
"readonly": true,
"required": false,
"title": "The name of the component that issued the observation.",
"type": "string"
},
"component_sub_type": {
"$ref": "TraceflowComponentSubType,
"readonly": true,
"required": false,
"title": "The sub type of the component that issued the observation."
},
"component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the component that issued the observation."
},
"interface_path": {
"Description": "The path of the gateway/gateway interface into which the traceflow packet was delivered (e.g.,\nTier1, Tier0 Interface, Tier1 Interface, Service Interface, and Virtual Tunnel Interface).\n",
"title": "Path of gateway or gateway interface",
"type": "string"
},
"jumpto_rule_id": {
"description": "This field is specified when the traceflow packet matched a jump-to rule.",
"readonly": true,
"required": false,
"title": "The ID of the jump-to rule that was applied to the traceflow packet",
"type": "integer"
},
"l2_rule_id": {
"description": "This field is specified when the traceflow packet matched a l2 rule.",
"readonly": true,
"required": false,
"title": "The ID of the l2 rule that was applied to the traceflow packet",
"type": "integer"
},
"lport_id": {
"readonly": true,
"required": false,
"title": "The id of the logical port at which the traceflow packet was dropped",
"type": "string"
},
"lport_name": {
"readonly": true,
"required": false,
"title": "The name of the logical port at which the traceflow packet was dropped",
"type": "string"
},
"nat_rule_id": {
"description": "This field is specified when the traceflow packet matched a NAT rule.",
"readonly": true,
"required": false,
"title": "The ID of the NAT rule that was applied to drop the traceflow packet",
"type": "integer"
},
"nat_rule_path": {
"description": "The path of the NAT rule that was applied to forward the traceflow packet",
"readonly": true,
"required": false,
"title": "Network Address Translation Rule Path",
"type": "string"
},
"reason": {
"description": "This field specifies the drop reason of traceflow packet. ARP_FAIL - ARP request fails for some reasons, please refer arp_fail_reason for detail BFD - BFD packet is dropped because traversed by non-operative interface or encountering internal error (e.g., memory insufficient) BROADCAST - Packet is dropped during traversing the interface (e.g., Edge uplink, Edge centralized service port) which disallow ethernet broadcast DHCP - DHCP packet is malformed DLB - The packet is disallowed by distributed load balancing FW_RULE - The packet matches a drop or reject rule of DFW or Edge firewall GENEVE - GENEVE packet is malformed GRE - GRE packet is malformed or traverses a non-operative interface IFACE - Packet traverses a non-operative interface IP - Packet is dropped because of IP related causes (e.g., ICMPv4/ICMPv6 packet is malformed, or DF flag is set but fragment must be performed for the packet) or corresponding interface is not found or inoperative IP_REASS - Packet is dropped during IP reassembly IPSEC - IPsec protocol related packet is dropped IPSEC_VTI - IPsec required SA is not found or traversing inoperative interface cause packet dropped L2VPN - VLAN id of GRE packet is invalid L4PORT - Layer 4 packet (e.g., BFD, DHCP) is dropped LB - Packet is dropped by load balancing rule LROUTER - Packet is dropped by logical router LSERVICE - Packet is malformed or traverses inoperative logical service interface LSWITCH - Packet is dropped by logical switch MANAGEMENT - Packet is dropped by Edge datapath MANAGEMENT service port MD_PROXY - Packet is dropped by metadata proxy NAT - Packet is dropped by NAT rule RTEP_TUNNEL - Unused drop reason ND_NS_FAIL - Neighbor Discovery packet fails NEIGH - ARP or Neighbor Discovery packet fails NO_EIP_FOUND - Destination IP is not an elastic IP NO_EIP_ASSOCIATION - Elastic IP is not associated with active edge VDR ENI NO_ENI_FOR_IP - There is no ENI found for the destination IP NO_ENI_FOR_LIF - Cannot find an ENI associated with uplink LIF NO_ROUTE - Cannot find route for destination IP NO_ROUTE_TABLE_FOUND - Cannot find associated route table NO_UNDERLAY_ROUTE_FOUND - Cannot find AWS route to destination NOT_VDR_DOWNLINK - Packet is not forwarded to VMC unmanaged VDR downlink NO_VDR_FOUND - VMC unmanaged VDR associated with Edge uplink is not found NO_VDR_ON_HOST - Cannot find VMC unmanaged VDR list on this host NOT_VDR_UPLINK - Packet is not forwarded to VDR uplink SERVICE_INSERT - Packet from guest VM to service VM or from service VM to guest VM is dropped by firewall rule SPOOFGUARD - Packet is blocked by SpoofGuard policy TTL_ZERO - The IPv4 time to live field or the IPv6 hop limit field of packet is zero TUNNEL - Overlay tunnel management packet (VNI value of GENEVE header is 0, e.g., BFD) is dropped VLAN - VLAN id of packet is disallowed by the given port VXLAN - VXLAN packet is malformed or cannot find tunnel port for it VXSTT - Unused drop reason VMC_NO_RESPONSE - Failed to query VMC observations as no response from VMC app WRONG_UPLINK - Packet is not routed to the expected Edge uplink by VMC unmanaged VDR FW_STATE - Packet is dropped by stateful firewall",
"enum": [
"ARP_FAIL",
"BFD",
"BROADCAST",
"DHCP",
"DLB",
"FW_RULE",
"GENEVE",
"GRE",
"IFACE",
"IP",
"IP_REASS",
"IPSEC",
"IPSEC_VTI",
"L2VPN",
"L4PORT",
"LB",
"LROUTER",
"LSERVICE",
"LSWITCH",
"MANAGEMENT",
"MD_PROXY",
"NAT",
"RTEP_TUNNEL",
"ND_NS_FAIL",
"NEIGH",
"NO_EIP_FOUND",
"NO_EIP_ASSOCIATION",
"NO_ENI_FOR_IP",
"NO_ENI_FOR_LIF",
"NO_ROUTE",
"NO_ROUTE_TABLE_FOUND",
"NO_UNDERLAY_ROUTE_FOUND",
"NOT_VDR_DOWNLINK",
"NO_VDR_FOUND",
"NO_VDR_ON_HOST",
"NOT_VDR_UPLINK",
"SERVICE_INSERT",
"SPOOFGUARD",
"TTL_ZERO",
"TUNNEL",
"VLAN",
"VXLAN",
"VXSTT",
"VMC_NO_RESPONSE",
"WRONG_UPLINK",
"FW_STATE",
"NO_MAC",
"UNKNOWN"
],
"readonly": true,
"required": false,
"title": "The reason traceflow packet was dropped",
"type": "string"
},
"resource_type": {
"$ref": "TraceflowObservationType,
"default": "TraceflowObservationReceived",
"required": true
},
"segment_port_path": {
"readonly": true,
"required": false,
"title": "The path of the segment port into which the traceflow packet was dropped.",
"type": "string"
},
"sequence_no": {
"description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.",
"readonly": true,
"required": true,
"title": "the sequence number is the traceflow observation hop count",
"type": "integer"
},
"site_path": {
"description": "This field contains the site path where this observation was generated.",
"readonly": true,
"title": "Policy path of the federated site",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the observation was created by the transport node (milliseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node"
},
"timestamp_micro": {
"description": "Timestamp when the observation was created by the transport node (microseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node",
"type": "integer"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "id of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_name": {
"readonly": true,
"required": false,
"title": "name of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": false,
"title": "type of the transport node that observed a traceflow packet"
}
},
"type": "object"
}
PolicyTraceflowObservationDroppedLogical (type)
{
"additionalProperties": false,
"extends": {
"$ref": "TraceflowObservationDroppedLogical
},
"id": "PolicyTraceflowObservationDroppedLogical",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "PolicyTraceflowObservationDroppedLogical"
},
"properties": {
"acl_rule_id": {
"description": "This field is specified when the traceflow packet matched a L3 firewall rule.",
"readonly": true,
"required": false,
"title": "The id of the L3 firewall rule that was applied to drop the traceflow packet",
"type": "integer"
},
"acl_rule_path": {
"description": "The path of the ACL rule that was applied to forward the traceflow packet",
"readonly": true,
"title": "Access Control List Rule Path",
"type": "string"
},
"arp_fail_reason": {
"description": "This field specifies the ARP fails reason ARP_TIMEOUT - ARP failure due to query control plane timeout ARP_CPFAIL - ARP failure due post ARP query message to control plane failure ARP_FROMCP - ARP failure due to deleting ARP entry from control plane ARP_PORTDESTROY - ARP failure due to port destruction ARP_TABLEDESTROY - ARP failure due to ARP table destruction ARP_NETDESTROY - ARP failure due to overlay network destruction",
"enum": [
"ARP_UNKNOWN",
"ARP_TIMEOUT",
"ARP_CPFAIL",
"ARP_FROMCP",
"ARP_PORTDESTROY",
"ARP_TABLEDESTROY",
"ARP_NETDESTROY"
],
"readonly": true,
"required": false,
"title": "The detailed drop reason of ARP traceflow packet",
"type": "string"
},
"component_id": {
"readonly": true,
"required": false,
"title": "The id of the component that dropped the traceflow packet.",
"type": "string"
},
"component_name": {
"readonly": true,
"required": false,
"title": "The name of the component that issued the observation.",
"type": "string"
},
"component_path": {
"readonly": true,
"required": false,
"title": "The path of the component that dropped the traceflow packet",
"type": "string"
},
"component_sub_type": {
"$ref": "TraceflowComponentSubType,
"readonly": true,
"required": false,
"title": "The sub type of the component that issued the observation."
},
"component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the component that issued the observation."
},
"interface_path": {
"Description": "The path of the gateway/gateway interface into which the traceflow packet was delivered (e.g.,\nTier1, Tier0 Interface, Tier1 Interface, Service Interface, and Virtual Tunnel Interface).\n",
"title": "Path of gateway or gateway interface",
"type": "string"
},
"jumpto_rule_id": {
"description": "This field is specified when the traceflow packet matched a jump-to rule.",
"readonly": true,
"required": false,
"title": "The ID of the jump-to rule that was applied to the traceflow packet",
"type": "integer"
},
"jumpto_rule_path": {
"description": "The path of the jump-to rule that was applied to the traceflow packet",
"readonly": true,
"required": false,
"title": "Jump-to Rule Path",
"type": "string"
},
"l2_rule_id": {
"description": "This field is specified when the traceflow packet matched a l2 rule.",
"readonly": true,
"required": false,
"title": "The ID of the l2 rule that was applied to the traceflow packet",
"type": "integer"
},
"l2_rule_path": {
"description": "The path of the l2 rule that was applied to the traceflow packet",
"readonly": true,
"required": false,
"title": "L2 Rule Path",
"type": "string"
},
"lport_id": {
"readonly": true,
"required": false,
"title": "The id of the logical port at which the traceflow packet was dropped",
"type": "string"
},
"lport_name": {
"readonly": true,
"required": false,
"title": "The name of the logical port at which the traceflow packet was dropped",
"type": "string"
},
"nat_rule_id": {
"description": "This field is specified when the traceflow packet matched a NAT rule.",
"readonly": true,
"required": false,
"title": "The ID of the NAT rule that was applied to drop the traceflow packet",
"type": "integer"
},
"nat_rule_path": {
"description": "The path of the NAT rule that was applied to forward the traceflow packet",
"readonly": true,
"required": false,
"title": "Network Address Translation Rule Path",
"type": "string"
},
"reason": {
"description": "This field specifies the drop reason of traceflow packet. ARP_FAIL - ARP request fails for some reasons, please refer arp_fail_reason for detail BFD - BFD packet is dropped because traversed by non-operative interface or encountering internal error (e.g., memory insufficient) BROADCAST - Packet is dropped during traversing the interface (e.g., Edge uplink, Edge centralized service port) which disallow ethernet broadcast DHCP - DHCP packet is malformed DLB - The packet is disallowed by distributed load balancing FW_RULE - The packet matches a drop or reject rule of DFW or Edge firewall GENEVE - GENEVE packet is malformed GRE - GRE packet is malformed or traverses a non-operative interface IFACE - Packet traverses a non-operative interface IP - Packet is dropped because of IP related causes (e.g., ICMPv4/ICMPv6 packet is malformed, or DF flag is set but fragment must be performed for the packet) or corresponding interface is not found or inoperative IP_REASS - Packet is dropped during IP reassembly IPSEC - IPsec protocol related packet is dropped IPSEC_VTI - IPsec required SA is not found or traversing inoperative interface cause packet dropped L2VPN - VLAN id of GRE packet is invalid L4PORT - Layer 4 packet (e.g., BFD, DHCP) is dropped LB - Packet is dropped by load balancing rule LROUTER - Packet is dropped by logical router LSERVICE - Packet is malformed or traverses inoperative logical service interface LSWITCH - Packet is dropped by logical switch MANAGEMENT - Packet is dropped by Edge datapath MANAGEMENT service port MD_PROXY - Packet is dropped by metadata proxy NAT - Packet is dropped by NAT rule RTEP_TUNNEL - Unused drop reason ND_NS_FAIL - Neighbor Discovery packet fails NEIGH - ARP or Neighbor Discovery packet fails NO_EIP_FOUND - Destination IP is not an elastic IP NO_EIP_ASSOCIATION - Elastic IP is not associated with active edge VDR ENI NO_ENI_FOR_IP - There is no ENI found for the destination IP NO_ENI_FOR_LIF - Cannot find an ENI associated with uplink LIF NO_ROUTE - Cannot find route for destination IP NO_ROUTE_TABLE_FOUND - Cannot find associated route table NO_UNDERLAY_ROUTE_FOUND - Cannot find AWS route to destination NOT_VDR_DOWNLINK - Packet is not forwarded to VMC unmanaged VDR downlink NO_VDR_FOUND - VMC unmanaged VDR associated with Edge uplink is not found NO_VDR_ON_HOST - Cannot find VMC unmanaged VDR list on this host NOT_VDR_UPLINK - Packet is not forwarded to VDR uplink SERVICE_INSERT - Packet from guest VM to service VM or from service VM to guest VM is dropped by firewall rule SPOOFGUARD - Packet is blocked by SpoofGuard policy TTL_ZERO - The IPv4 time to live field or the IPv6 hop limit field of packet is zero TUNNEL - Overlay tunnel management packet (VNI value of GENEVE header is 0, e.g., BFD) is dropped VLAN - VLAN id of packet is disallowed by the given port VXLAN - VXLAN packet is malformed or cannot find tunnel port for it VXSTT - Unused drop reason VMC_NO_RESPONSE - Failed to query VMC observations as no response from VMC app WRONG_UPLINK - Packet is not routed to the expected Edge uplink by VMC unmanaged VDR FW_STATE - Packet is dropped by stateful firewall",
"enum": [
"ARP_FAIL",
"BFD",
"BROADCAST",
"DHCP",
"DLB",
"FW_RULE",
"GENEVE",
"GRE",
"IFACE",
"IP",
"IP_REASS",
"IPSEC",
"IPSEC_VTI",
"L2VPN",
"L4PORT",
"LB",
"LROUTER",
"LSERVICE",
"LSWITCH",
"MANAGEMENT",
"MD_PROXY",
"NAT",
"RTEP_TUNNEL",
"ND_NS_FAIL",
"NEIGH",
"NO_EIP_FOUND",
"NO_EIP_ASSOCIATION",
"NO_ENI_FOR_IP",
"NO_ENI_FOR_LIF",
"NO_ROUTE",
"NO_ROUTE_TABLE_FOUND",
"NO_UNDERLAY_ROUTE_FOUND",
"NOT_VDR_DOWNLINK",
"NO_VDR_FOUND",
"NO_VDR_ON_HOST",
"NOT_VDR_UPLINK",
"SERVICE_INSERT",
"SPOOFGUARD",
"TTL_ZERO",
"TUNNEL",
"VLAN",
"VXLAN",
"VXSTT",
"VMC_NO_RESPONSE",
"WRONG_UPLINK",
"FW_STATE",
"NO_MAC",
"UNKNOWN"
],
"readonly": true,
"required": false,
"title": "The reason traceflow packet was dropped",
"type": "string"
},
"resource_type": {
"$ref": "TraceflowObservationType,
"default": "TraceflowObservationReceived",
"required": true
},
"segment_port_path": {
"readonly": true,
"required": false,
"title": "The path of the segment port into which the traceflow packet was dropped.",
"type": "string"
},
"sequence_no": {
"description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.",
"readonly": true,
"required": true,
"title": "the sequence number is the traceflow observation hop count",
"type": "integer"
},
"service_path_index": {
"description": "The index of service path that is a chain of services represents the point where the traceflow packet was dropped.",
"readonly": true,
"required": false,
"title": "The index of service path",
"type": "integer"
},
"site_path": {
"description": "This field contains the site path where this observation was generated.",
"readonly": true,
"title": "Policy path of the federated site",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the observation was created by the transport node (milliseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node"
},
"timestamp_micro": {
"description": "Timestamp when the observation was created by the transport node (microseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node",
"type": "integer"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "id of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_name": {
"readonly": true,
"required": false,
"title": "name of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": false,
"title": "type of the transport node that observed a traceflow packet"
}
},
"type": "object"
}
PolicyTraceflowObservationForwardedLogical (type)
{
"additionalProperties": false,
"extends": {
"$ref": "TraceflowObservationForwardedLogical
},
"id": "PolicyTraceflowObservationForwardedLogical",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "PolicyTraceflowObservationForwardedLogical"
},
"properties": {
"acl_rule_id": {
"description": "This field is specified when the traceflow packet matched a L3 firewall rule.",
"readonly": true,
"required": false,
"title": "The id of the L3 firewall rule that was applied to forward the traceflow packet",
"type": "integer"
},
"acl_rule_path": {
"description": "The path of the ACL rule that was applied to forward the traceflow packet",
"readonly": true,
"title": "Access Control List Rule Path",
"type": "string"
},
"component_id": {
"readonly": true,
"required": false,
"title": "The id of the component that forwarded the traceflow packet.",
"type": "string"
},
"component_name": {
"readonly": true,
"required": false,
"title": "The name of the component that issued the observation.",
"type": "string"
},
"component_path": {
"readonly": true,
"required": false,
"title": "The path of the component that forwarded the traceflow packet",
"type": "string"
},
"component_sub_type": {
"$ref": "TraceflowComponentSubType,
"readonly": true,
"required": false,
"title": "The sub type of the component that issued the observation."
},
"component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the component that issued the observation."
},
"dst_component_id": {
"readonly": true,
"required": false,
"title": "The id of the destination component to which the traceflow packet was forwarded.",
"type": "string"
},
"dst_component_name": {
"readonly": true,
"required": false,
"title": "The name of the destination component to which the traceflow packet was forwarded.",
"type": "string"
},
"dst_component_path": {
"readonly": true,
"required": false,
"title": "The path of the destination component to which the traceflow packet was forwarded",
"type": "string"
},
"dst_component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the destination component to which the traceflow packet was forwarded."
},
"interface_path": {
"Description": "The path of the gateway/gateway interface into which the traceflow packet was delivered (e.g.,\nTier1, Tier0 Interface, Tier1 Interface, Service Interface, and Virtual Tunnel Interface).\n",
"title": "Path of gateway or gateway interface",
"type": "string"
},
"jumpto_rule_id": {
"description": "This field is specified when the traceflow packet matched a jump-to rule.",
"readonly": true,
"required": false,
"title": "The ID of the jump-to rule that was applied to the traceflow packet",
"type": "integer"
},
"jumpto_rule_path": {
"description": "The path of the jump-to rule that was applied to the traceflow packet",
"readonly": true,
"required": false,
"title": "Jump-to Rule Path",
"type": "string"
},
"l2_rule_id": {
"description": "This field is specified when the traceflow packet matched a l2 rule.",
"readonly": true,
"required": false,
"title": "The ID of the l2 rule that was applied to the traceflow packet",
"type": "integer"
},
"l2_rule_path": {
"description": "The path of the l2 rule that was applied to the traceflow packet",
"readonly": true,
"required": false,
"title": "L2 Rule Path",
"type": "string"
},
"lport_id": {
"readonly": true,
"required": false,
"title": "The id of the logical port through which the traceflow packet was forwarded.",
"type": "string"
},
"lport_name": {
"readonly": true,
"required": false,
"title": "The name of the logical port through which the traceflow packet was forwarded.",
"type": "string"
},
"nat_rule_id": {
"description": "This field is specified when the traceflow packet matched a NAT rule.",
"readonly": true,
"required": false,
"title": "The ID of the NAT rule that was applied to forward the traceflow packet",
"type": "integer"
},
"nat_rule_path": {
"description": "The path of the NAT rule that was applied to forward the traceflow packet",
"readonly": true,
"required": false,
"title": "Network Address Translation Rule Path",
"type": "string"
},
"resend_type": {
"description": "ARP_UNKNOWN_FROM_CP - Unknown ARP query result emitted by control plane ND_NS_UNKNOWN_FROM_CP - Unknown neighbor solicitation query result emitted by control plane UNKNOWN - Unknown resend type",
"enum": [
"UNKNOWN",
"ARP_UNKNOWN_FROM_CP",
"ND_NS_UNKNWON_FROM_CP"
],
"readonly": true,
"required": false,
"title": "The type of packet resending",
"type": "string"
},
"resource_type": {
"$ref": "TraceflowObservationType,
"default": "TraceflowObservationReceived",
"required": true
},
"segment_port_path": {
"readonly": true,
"required": false,
"title": "The path of the segment port into which the traceflow packet was forwared.",
"type": "string"
},
"sequence_no": {
"description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.",
"readonly": true,
"required": true,
"title": "the sequence number is the traceflow observation hop count",
"type": "integer"
},
"service_index": {
"readonly": true,
"required": false,
"title": "The index of the service insertion component",
"type": "integer"
},
"service_path_index": {
"readonly": true,
"required": false,
"title": "The path index of the service insertion component",
"type": "integer"
},
"service_ttl": {
"readonly": true,
"required": false,
"title": "The ttl of the service insertion component",
"type": "integer"
},
"site_path": {
"description": "This field contains the site path where this observation was generated.",
"readonly": true,
"title": "Policy path of the federated site",
"type": "string"
},
"spoofguard_ip": {
"$ref": "IPCIDRBlock,
"description": "This field specified the prefix IP address a traceflow packet matched in the whitelist in spoofguard.",
"readonly": true,
"required": false,
"title": "Prefix IP address matched in the whitelist in spoofguard"
},
"spoofguard_mac": {
"$ref": "MACAddress,
"description": "The source MAC address of form: \"^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$\". For example: 00:00:00:00:00:00.",
"readonly": true,
"required": false,
"title": "MAC address matched in the whitelist in spoofguard"
},
"spoofguard_vlan_id": {
"$ref": "VlanID,
"description": "This field specified the VLAN id a traceflow packet matched in the whitelist in spoofguard.",
"readonly": true,
"required": false,
"title": "VLAN id matched in the whitelist in spoofguard"
},
"svc_nh_mac": {
"description": "MAC address of nexthop for service insertion(SI) in service VM(SVM) where the traceflow packet was received.",
"readonly": true,
"required": false,
"title": "MAC address of nexthop",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the observation was created by the transport node (milliseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node"
},
"timestamp_micro": {
"description": "Timestamp when the observation was created by the transport node (microseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node",
"type": "integer"
},
"translated_dst_ip": {
"$ref": "IPAddress,
"readonly": true,
"required": false,
"title": "The translated destination IP address of VNP/NAT"
},
"translated_src_ip": {
"$ref": "IPAddress,
"readonly": true,
"required": false,
"title": "The translated source IP address of VPN/NAT"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "id of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_name": {
"readonly": true,
"required": false,
"title": "name of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": false,
"title": "type of the transport node that observed a traceflow packet"
},
"vlan": {
"$ref": "VlanID,
"description": "This field is specified when the traceflow packet was forwarded by a VLAN logical network.",
"readonly": true,
"required": false,
"title": "VLAN for the logical network on which the traceflow packet was forwarded"
},
"vni": {
"description": "This field is specified when the traceflow packet was forwarded by an overlay logical network.",
"readonly": true,
"required": false,
"title": "VNI for the logical network on which the traceflow packet was forwarded.",
"type": "int"
}
},
"type": "object"
}
PolicyTraceflowObservationReceivedLogical (type)
{
"additionalProperties": false,
"extends": {
"$ref": "TraceflowObservationReceivedLogical
},
"id": "PolicyTraceflowObservationReceivedLogical",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "PolicyTraceflowObservationReceivedLogical"
},
"properties": {
"component_id": {
"readonly": true,
"required": false,
"title": "The id of the component that received the traceflow packet.",
"type": "string"
},
"component_name": {
"readonly": true,
"required": false,
"title": "The name of the component that issued the observation.",
"type": "string"
},
"component_path": {
"readonly": true,
"required": false,
"title": "The path of the component that received the traceflow packet",
"type": "string"
},
"component_sub_type": {
"$ref": "TraceflowComponentSubType,
"readonly": true,
"required": false,
"title": "The sub type of the component that issued the observation."
},
"component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the component that issued the observation."
},
"interface_path": {
"Description": "The path of the gateway/gateway interface into which the traceflow packet was delivered (e.g.,\nTier1, Tier0 Interface, Tier1 Interface, Service Interface, and Virtual Tunnel Interface).\n",
"title": "Path of gateway or gateway interface",
"type": "string"
},
"lport_id": {
"readonly": true,
"required": false,
"title": "The id of the logical port at which the traceflow packet was received",
"type": "string"
},
"lport_name": {
"readonly": true,
"required": false,
"title": "The name of the logical port at which the traceflow packet was received",
"type": "string"
},
"resource_type": {
"$ref": "TraceflowObservationType,
"default": "TraceflowObservationReceived",
"required": true
},
"segment_port_path": {
"readonly": true,
"required": false,
"title": "The path of the segment port into which the traceflow packet was received.",
"type": "string"
},
"sequence_no": {
"description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.",
"readonly": true,
"required": true,
"title": "the sequence number is the traceflow observation hop count",
"type": "integer"
},
"site_path": {
"description": "This field contains the site path where this observation was generated.",
"readonly": true,
"title": "Policy path of the federated site",
"type": "string"
},
"src_component_id": {
"readonly": true,
"required": false,
"title": "The id of the source component from which the traceflow packet was received.",
"type": "string"
},
"src_component_name": {
"readonly": true,
"required": false,
"title": "The name of source component from which the traceflow packet was received.",
"type": "string"
},
"src_component_path": {
"readonly": true,
"required": false,
"title": "The path of the source component from which the traceflow packet was received",
"type": "string"
},
"src_component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the source component from which the traceflow packet was received."
},
"svc_mac": {
"description": "MAC address of SAN volume controller for service insertion(SI) in service VM(SVM) where the traceflow packet was received.",
"readonly": true,
"required": false,
"title": "MAC address of SAN volume controller",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the observation was created by the transport node (milliseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node"
},
"timestamp_micro": {
"description": "Timestamp when the observation was created by the transport node (microseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node",
"type": "integer"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "id of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_name": {
"readonly": true,
"required": false,
"title": "name of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": false,
"title": "type of the transport node that observed a traceflow packet"
},
"vlan": {
"$ref": "VlanID,
"description": "This field is specified when the traceflow packet was received by a VLAN logical network.",
"readonly": true,
"required": false,
"title": "VLAN for the logical network on which the traceflow packet was received."
},
"vni": {
"description": "This field is specified when the traceflow packet was received by an overlay logical network.",
"readonly": true,
"required": false,
"title": "VNI for the logical network on which the traceflow packet was received.",
"type": "int"
}
},
"type": "object"
}
PolicyTraceflowObservationRelayedLogical (type)
{
"extends": {
"$ref": "TraceflowObservationRelayedLogical
},
"id": "PolicyTraceflowObservationRelayedLogical",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "PolicyTraceflowObservationRelayedLogical"
},
"properties": {
"component_name": {
"readonly": true,
"required": false,
"title": "The name of the component that issued the observation.",
"type": "string"
},
"component_sub_type": {
"$ref": "TraceflowComponentSubType,
"readonly": true,
"required": false,
"title": "The sub type of the component that issued the observation."
},
"component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the component that issued the observation."
},
"dst_server_address": {
"$ref": "IPAddress,
"description": "This field specified the IP address of the destination which the packet will be relayed.",
"readonly": true,
"required": true,
"title": "The IP address of the destination"
},
"logical_comp_uuid": {
"description": "This field specified the logical component that relay service located.",
"readonly": true,
"required": false,
"title": "The id of the component which relay service located",
"type": "string"
},
"logical_component_path": {
"description": "This field specifies the logical component that relay service located on.",
"readonly": true,
"required": false,
"title": "The path of the component on which relay service located",
"type": "string"
},
"message_type": {
"default": "REQUEST",
"description": "This field specified the message type of the relay service REQUEST - The relay service will relay a request message to the destination server REPLY - The relay service will relay a reply message to the client",
"enum": [
"REQUEST",
"REPLY"
],
"readonly": true,
"required": true,
"title": "The type of the relay service",
"type": "string"
},
"relay_server_address": {
"$ref": "IPAddress,
"description": "This field specified the IP address of the relay service.",
"readonly": true,
"required": true,
"title": "The IP address of relay service"
},
"resource_type": {
"$ref": "TraceflowObservationType,
"default": "TraceflowObservationReceived",
"required": true
},
"sequence_no": {
"description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.",
"readonly": true,
"required": true,
"title": "the sequence number is the traceflow observation hop count",
"type": "integer"
},
"site_path": {
"description": "This field contains the site path where this observation was generated.",
"readonly": true,
"title": "Policy path of the federated site",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the observation was created by the transport node (milliseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node"
},
"timestamp_micro": {
"description": "Timestamp when the observation was created by the transport node (microseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node",
"type": "integer"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "id of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_name": {
"readonly": true,
"required": false,
"title": "name of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": false,
"title": "type of the transport node that observed a traceflow packet"
}
},
"type": "object"
}
PolicyTransportZone (type)
{
"description": "Transport Zone.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyTransportZone",
"module_id": "PolicyTransportZone",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_default": {
"default": false,
"description": "Flag to indicate if the transport zone is the default one. Only one transport zone can be the default one for a given transport zone type.",
"title": "Flag to indicate if the transport zone is the default one",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"nested_nsx": {
"default": false,
"description": "This flag should be set to true in nested NSX environment. When the \"allow_changing_vdr_mac_in_use\" property in the global config object RoutingGlobalConfig is false, this flag can not be changed if this transport zone is OVERLAY and the change will make any transport node in this transport zone to change the VDR MAC used in any host switch. When this flag is true and this transport zone is OVERLAY, all host switches in this transport zone will use the VDR MAC in the \"vdr_mac_nested\" property in the global config object RoutingGlobalConfig.",
"required": false,
"title": "Flag to indicate if all transport nodes in this transport zone are connected through nested NSX.",
"type": "boolean"
},
"nsx_id": {
"description": "UUID of transport zone on NSX-T enforcement point.",
"readonly": true,
"title": "Transport Zone UUID on NSX-T Enforcement Point",
"type": "string"
},
"origin_id": {
"description": "This field is populated only if the transport zone was created by NSX system to support security on vSphere Distributed Switch (vDS). The origin_id will refer to the identifier of corresponding vDS from it's parent vCenter server.",
"readonly": true,
"required": false,
"title": "The host switch id generated by the system.",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_zone_profile_paths": {
"description": "Policy Transport Zone Profile paths",
"items": {
"type": "string"
},
"required": false,
"title": "Policy Transport Zone Profile paths",
"type": "array"
},
"tz_type": {
"description": "Transport Zone Traffic type, must be one of either VLAN_BACKED or OVERLAY_BACKED. OVERLAY_STANDARD, OVERLAY_ENS and UNKNOWN are DEPRECATED. STANDARD, ENS and ENS_INTERRUPT are hostSwitch modes and same need to be given in HostTransportNode.HostSwitchSpec.",
"enum": [
"OVERLAY_STANDARD",
"OVERLAY_ENS",
"VLAN_BACKED",
"OVERLAY_BACKED",
"UNKNOWN"
],
"title": "Transport Zone Type",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"uplink_teaming_policy_names": {
"additionalProperties": false,
"description": "The names of switching uplink teaming policies that all transport nodes in this transport zone support. Uplinkin teaming policies are only valid for VLAN backed transport zones.",
"items": {
"type": "string"
},
"required": false,
"title": "Names of the switching uplink teaming policies that are supported by this transport zone.",
"type": "array"
}
},
"search_dsl_exclude": true,
"title": "Transport Zone",
"type": "object"
}
PolicyTransportZoneListRequestParameters (type)
{
"additionalProperties": false,
"description": "Policy Transport Zone list request parameters.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyTransportZoneListRequestParameters",
"module_id": "PolicyTransportZone",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy Transport Zone List Request Parameters",
"type": "object"
}
PolicyTransportZoneListResult (type)
{
"description": "Paged Collection of Transport Zone",
"extends": {
"$ref": "ListResult
},
"id": "PolicyTransportZoneListResult",
"module_id": "PolicyTransportZone",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"additionalProperties": false,
"description": "Transport Zone list result.",
"items": {
"$ref": "PolicyTransportZone
},
"required": true,
"title": "Transport Zone List Result",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Transport Zone",
"type": "object"
}
PolicyTransportZoneProfile (type)
{
"description": "Transport Zone Profile.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyTransportZoneProfile",
"module_id": "PolicyTransportZoneProfile",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"bfd_config": {
"$ref": "BfdHealthMonitoringConfig,
"additionalProperties": false,
"description": "Bfd Health Monitoring Options",
"required": true,
"title": "Bfd Profile Options"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tz_profile_type": {
"description": "Policy Transport Zone Type.",
"enum": [
"BFD"
],
"required": true,
"title": "Policy Transport Zone Type",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Transport Zone Profile",
"type": "object"
}
PolicyTransportZoneProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PolicyTransportZoneProfileListRequestParameters",
"module_id": "PolicyTransportZoneProfile",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Policy Transport Zone Profile request parameters",
"type": "object"
}
PolicyTransportZoneProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PolicyTransportZoneProfileListResult",
"module_id": "PolicyTransportZoneProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyTransportZoneProfile
},
"required": true,
"title": "Policy Transport Zone profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Policy Transport Zone Profiles",
"type": "object"
}
PolicyTunnelDigestAlgorithm (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "The TunnelDigestAlgorithms are used to verify message integrity during tunnel establishment. SHA1 produces 160 bits hash and SHA2_XXX produces XXX bit hash.",
"enum": [
"SHA1",
"SHA2_256",
"SHA2_384",
"SHA2_512"
],
"id": "PolicyTunnelDigestAlgorithm",
"module_id": "PolicyL3Vpn",
"title": "Digest Algorithms used in tunnel establishment",
"type": "string"
}
PolicyTunnelEncryptionAlgorithm (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "TunnelEncryption algorithms are used to ensure confidentiality of the messages exchanged during Tunnel negotiations. AES stands for Advanced Encryption Standards. AES_128 uses 128-bit keys whereas AES_256 uses 256-bit keys for encryption and decryption. AES_128 and AES_256 use CBC mode of encryption. AES_GCM stands for Advanced Encryption Standard(AES) in Galois/Counter Mode (GCM) and is used to provide both confidentiality and data origin authentication.",
"enum": [
"AES_128",
"AES_256",
"AES_GCM_128",
"AES_GCM_192",
"AES_GCM_256"
],
"id": "PolicyTunnelEncryptionAlgorithm",
"module_id": "PolicyL3Vpn",
"title": "Encryption algorithm used in tunnel",
"type": "string"
}
PolicyUrlCategorizationConfig (type)
{
"additionalProperties": false,
"description": "The type contains information about the configuration of the feature for a specific node. It contains information like the whether the feature is enabled/disabled, the context profiles defining the category list to detect.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PolicyUrlCategorizationConfig",
"module_id": "PolicyUrlCategorization",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"context_profiles": {
"deprecated": true,
"description": "The ids of the context profiles that provides the list of categories to be detected. This field is deprecated. URL Categorization will not be supported in association with context profiles.",
"items": {
"type": "string"
},
"required": false,
"title": "Context profiles",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"description": "Property which specifies the enabling/disabling of the feature.",
"required": true,
"title": "Enabled",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"update_frequency": {
"default": 30,
"description": "The frequency in minutes at which the updates are downloaded from the URL categorization cloud service. The minimum allowed value is 5 minutes.",
"minimum": 5,
"required": false,
"title": "Policy URL Categorization Update Frequency",
"type": "int"
}
},
"title": "URL categorization entity",
"type": "object"
}
PoolMemberAdminStateType (type)
{
"additionalProperties": false,
"description": "User can set the admin state of a member to ENABLED or DISABLED or GRACEFUL_DISABLED. By default, when a member is added, it is ENABLED. If a member is set to DISABLED, it is not selected for any new connections. Active connections, however, will continue to be processed by it. New connections with matching persistence entries pointing to DISABLED members are not sent to those DISABLED members. Those connections are assigned to other members of the pool and the corresponding persistence entries are updated to point to the newly selected server. To allow for a more graceful way of taking down servers for maintenance, a routine task, another admin state GRACEFUL_DISABLED is supported. Existing connections to a member in GRACEFUL_DISABLED state continue to be processed.",
"enum": [
"ENABLED",
"DISABLED",
"GRACEFUL_DISABLED"
],
"id": "PoolMemberAdminStateType",
"module_id": "LoadBalancer",
"title": "pool member admin state",
"type": "string"
}
PoolMemberSetting (type)
{
"additionalProperties": false,
"description": "The setting is used to add, update or remove pool members from pool. For static pool members, admin_state, display_name and weight can be updated. For dynamic pool members, only admin_state can be updated.",
"id": "PoolMemberSetting",
"module_id": "LoadBalancer",
"properties": {
"admin_state": {
"$ref": "PoolMemberAdminStateType,
"default": "ENABLED",
"required": false,
"title": "Member admin state"
},
"display_name": {
"description": "Only applicable to static pool members. If supplied for a pool defined by a grouping object, update API would fail.",
"required": false,
"title": "Pool member display name",
"type": "string"
},
"ip_address": {
"$ref": "IPAddress,
"required": true,
"title": "Pool member IP address"
},
"port": {
"$ref": "PortElement,
"required": false,
"title": "Pool member port number"
},
"weight": {
"description": "Only applicable to static pool members. If supplied for a pool defined by a grouping object, update API would fail.",
"maximum": 255,
"minimum": 1,
"required": false,
"title": "Pool member weight",
"type": "integer"
}
},
"title": "Pool member setting",
"type": "object"
}
PortAddressBindingEntry (type)
{
"additionalProperties": false,
"description": "Detailed information about static address for the port.",
"id": "PortAddressBindingEntry",
"module_id": "PolicyConnectivity",
"properties": {
"ip_address": {
"description": "IP Address for port binding",
"required": false,
"title": "IP address",
"type": "string"
},
"mac_address": {
"$ref": "MACAddress,
"description": "Mac address for port binding",
"required": false,
"title": "MAC address"
},
"vlan_id": {
"$ref": "VlanID,
"description": "VLAN ID for port binding",
"required": false,
"title": "VLAN ID"
}
},
"title": "Address binding information",
"type": "object"
}
PortAttacher (type) (Deprecated)
{
"deprecated": true,
"id": "PortAttacher",
"module_id": "LogicalPort",
"properties": {
"entity": {
"description": "This is a vmknic name if the attacher is vmknic. Otherwise, it is full path of the attached VM's config file",
"readonly": false,
"required": true,
"title": "Reference to the attached entity",
"type": "string"
},
"host": {
"readonly": false,
"required": true,
"title": "TransportNode on which the attacher resides",
"type": "string"
}
},
"title": "VM or vmknic entity attached to LogicalPort",
"type": "object"
}
PortAttachment (type)
{
"additionalProperties": false,
"description": "Detail information about port attachment",
"id": "PortAttachment",
"module_id": "PolicyConnectivity",
"properties": {
"allocate_addresses": {
"description": "Indicate how IP will be allocated for the port",
"enum": [
"IP_POOL",
"MAC_POOL",
"BOTH",
"NONE",
"DHCP"
],
"required": false,
"title": "Allocate addresses",
"type": "string"
},
"app_id": {
"description": "ID used to identify/look up a child attachment behind a parent attachment",
"required": false,
"title": "App Id",
"type": "string"
},
"bms_interface_config": {
"$ref": "AttachedInterfaceEntry,
"description": "Indicate application interface configuration for Bare Metal Server.",
"required": false,
"title": "Application interface configuration for Bare metal server"
},
"context_id": {
"description": "If type is CHILD and the parent port is on the same segment as the child port, then this field should be VIF ID of the parent port. If type is CHILD and the parent port is on a different segment, then this field should be policy path of the parent port. If type is INDEPENDENT/STATIC, then this field should be transport node ID.",
"required": false,
"title": "Context ID based on the type",
"type": "string"
},
"context_type": {
"description": "Set to PARENT when type field is CHILD. Read only field.",
"enum": [
"PARENT"
],
"readonly": true,
"title": "Context Type",
"type": "string"
},
"evpn_vlans": {
"description": "List of Evpn tenant VLAN IDs the Parent logical-port serves in Evpn Route-Server mode. Only effective when attachment type is PARENT and the logical-port is attached to vRouter VM.",
"items": {
"type": "string"
},
"maxItems": 1000,
"minItems": 0,
"required": false,
"title": "Evpn tenant VLAN IDs the Parent logical-port serves.",
"type": "array"
},
"hyperbus_mode": {
"default": "DISABLE",
"description": "Flag to indicate if hyperbus configuration is required.",
"enum": [
"ENABLE",
"DISABLE"
],
"title": "Hyperbus mode",
"type": "string"
},
"id": {
"description": "VIF UUID on NSX Manager. If the attachement type is PARENT, this property is required.",
"required": false,
"title": "Port attachment ID",
"type": "string"
},
"traffic_tag": {
"$ref": "VlanID,
"description": "Not valid when type field is INDEPENDENT, mainly used to identify traffic from different ports in container use case.",
"required": false,
"title": "VLAN ID"
},
"type": {
"description": "Type of port attachment. STATIC is added to replace INDEPENDENT. INDEPENDENT type and PARENT type are deprecated.",
"enum": [
"PARENT",
"CHILD",
"INDEPENDENT",
"STATIC"
],
"required": false,
"title": "Attachement type",
"type": "string"
}
},
"title": "Attachment information on the port",
"type": "object"
}
PortDiscoveryProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between discovery profile and Port. Using this entity, user can specify intent for applying discovery profile to particular Port. Port here is Logical Port.",
"extends": {
"$ref": "DiscoveryProfileBindingMap
},
"id": "PortDiscoveryProfileBindingMap",
"module_id": "PolicyDiscoveryProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_discovery_profile_path": {
"description": "PolicyPath of associated IP Discovery Profile",
"required": false,
"title": "IP Discovery Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PortDiscoveryProfileBindingMap"
],
"relationshipType": "PORT_BINDINGMAP_IPDISCOVERY_PROFILE_RELATIONSHIP",
"rightType": [
"IPDiscoveryProfile"
]
}
]
},
"mac_discovery_profile_path": {
"description": "PolicyPath of associated Mac Discovery Profile",
"required": false,
"title": "Mac Discovery Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PortDiscoveryProfileBindingMap"
],
"relationshipType": "PORT_BINDINGMAP_MACDISCOVERY_PROFILE_RELATIONSHIP",
"rightType": [
"MacDiscoveryProfile"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Port Discovery Profile binding map",
"type": "object"
}
PortDiscoveryProfileBindingMapListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PortDiscoveryProfileBindingMapListRequestParameters",
"module_id": "PolicyDiscoveryProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Port Discovery Profile Binding Map list request parameters",
"type": "object"
}
PortDiscoveryProfileBindingMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PortDiscoveryProfileBindingMapListResult",
"module_id": "PolicyDiscoveryProfileBinding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PortDiscoveryProfileBindingMap
},
"required": true,
"title": "Port Discovery Profile Binding Map list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Port Discovery Profile Binding Maps",
"type": "object"
}
PortElement (type)
{
"description": "Examples- Single port \"8080\", Range of ports \"8090-8095\"",
"format": "port-or-range",
"id": "PortElement",
"module_id": "Common",
"title": "A port or a port range",
"type": "string"
}
PortMirrorFilter (type)
{
"additionalProperties": false,
"id": "PortMirrorFilter",
"module_id": "PolicyPortMirroring",
"properties": {
"destination_ips": {
"$ref": "IPAddresses,
"description": "Destination IP in the form of IPAddresses, used to match the destination IP of a packet. If not provided, no filtering by destination IPs is performed.",
"title": "Destination IP used to filter packets"
},
"destination_ports": {
"$ref": "PortElement,
"description": "Destination port in the form of a port or port range, used to match the destination port of a packet. If not provided, no filtering by destination port is performed.",
"title": "Destination port or port range used to filter packets"
},
"protocol": {
"description": "The transport protocols of TCP or UDP, used to match the transport protocol of a packet. If not provided, no filtering by IP protocols is performed.",
"enum": [
"TCP",
"UDP"
],
"title": "The protocol used to filter packets.",
"type": "string"
},
"source_ips": {
"$ref": "IPAddresses,
"description": "Source IP in the form of IPAddresses, used to match the source IP of a packet. If not provided, no filtering by source IPs is performed.",
"title": "Source IP used to filter packets"
},
"source_ports": {
"$ref": "PortElement,
"description": "Source port in the form of a port or port range, used to match the source port of a packet. If not provided, no filtering by source port is performed.",
"title": "Source port or port range used to filter packets"
}
},
"type": "object"
}
PortMirroringProfile (type)
{
"additionalProperties": false,
"description": "Mirrors Data from source to destination",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PortMirroringProfile",
"module_id": "PolicyPortMirroring",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destination_group": {
"description": "Data from source group will be copied to members of destination group. Only IPSET group and group with membership criteria VM is supported. IPSET group allows only three ip's.",
"required": true,
"title": "Destination group path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PortMirroringProfile"
],
"relationshipType": "PORT_MIRRORING_DESTINATION_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
}
]
},
"direction": {
"default": "BIDIRECTIONAL",
"description": "Port mirroring profile direction",
"enum": [
"INGRESS",
"EGRESS",
"BIDIRECTIONAL"
],
"title": "Direction",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"encapsulation_type": {
"default": "GRE",
"description": "User can provide Mirror Destination type e.g GRE, ERSPAN_TWO or ERSPAN_THREE.If profile type is REMOTE_L3_SPAN, encapsulation type is used else ignored.",
"enum": [
"GRE",
"ERSPAN_TWO",
"ERSPAN_THREE"
],
"required": false,
"title": "Mirror Destination encapsulation type",
"type": "string"
},
"erspan_id": {
"default": 0,
"description": "Used by physical switch for the mirror traffic forwarding. Must be provided and only effective when encapsulation type is ERSPAN type II or type III.",
"maximum": 1023,
"minimum": 0,
"required": false,
"title": "ERSPAN session id",
"type": "int"
},
"filter_action": {
"default": "INCLUDE",
"description": "If set to INCLUDE, packets matching all filters will be mirrored. If set to EXCLUDE, packets NOT matching any filters will be mirrored.",
"enum": [
"INCLUDE",
"EXCLUDE"
],
"title": "Action to include or exclude traffic for all filter in port_mirroring_filters",
"type": "string"
},
"gre_key": {
"default": 0,
"description": "User-configurable 32-bit key only for GRE",
"minimum": 0,
"required": false,
"title": "GRE encapsulation key",
"type": "int"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"port_mirroring_filters": {
"description": "An array of 5-tuples used to filter packets for the mirror session. If not provided, all the packets will be mirrored. This field is with filter_action which defines whether packets matching the filter will be included or excluded",
"items": {
"$ref": "PortMirrorFilter
},
"maxItems": 1,
"minItems": 0,
"title": "Port mirroring filter",
"type": "array"
},
"profile_type": {
"default": "REMOTE_L3_SPAN",
"description": "Allows user to select type of port mirroring session.",
"enum": [
"REMOTE_L3_SPAN",
"LOGICAL_SPAN"
],
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"snap_length": {
"description": "If this property is set, the packet will be truncated to the provided length. If this property is unset, entire packet will be mirrored.",
"maximum": 65535,
"minimum": 60,
"required": false,
"title": "Maximum packet length for packet truncation",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_ip_stack": {
"default": "Default",
"description": "User can provide Mirror stack or Default stack to send mirror traffic. If profile type is REMOTE_L3_SPAN, tcp_ip_stack type is used else ignored.",
"enum": [
"Default",
"Mirror"
],
"title": "Mirror Destination encapsulation type",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Mirrors Data from source to destination",
"type": "object"
}
PortMirroringProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "PortMirroringProfileListRequestParameters",
"module_id": "PolicyPortMirroring",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Port mirroring profile request parameters",
"type": "object"
}
PortMirroringProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PortMirroringProfileListResult",
"module_id": "PolicyPortMirroring",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PortMirroringProfile
},
"required": true,
"title": "Port Mirroring Profiles list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of port mirroring profiles",
"type": "object"
}
PortMonitoringProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between monitoring profile and Port. Using this entity, user can specify intent for applying monitoring profile to particular Port. Port here is Segment Port.",
"extends": {
"$ref": "MonitoringProfileBindingMap
},
"id": "PortMonitoringProfileBindingMap",
"module_id": "PolicyMonitoringProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ipfix_l2_profile_path": {
"description": "PolicyPath of associated IPFIX L2 Profile",
"required": false,
"title": "IPFIX L2 Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PortMonitoringProfileBindingMap"
],
"relationshipType": "IPFIX_L2_PROFILE_COLLECTOR_PROFILE_RELATIONSHIP",
"rightType": [
"IPFIXL2CollectorProfile"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"port_mirroring_profile_path": {
"description": "PolicyPath of associated Port Mirroring Profile",
"required": false,
"title": "Port Mirroring Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PortMonitoringProfileBindingMap"
],
"relationshipType": "PORT_MIRRORING_PROFILE_PORT_BINDING_MAP_RELATIONSHIP",
"rightType": [
"PortMirroringProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Port Monitoring Profile binding map",
"type": "object"
}
PortMonitoringProfileBindingMapListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PortMonitoringProfileBindingMapListRequestParameters",
"module_id": "PolicyMonitoringProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Port Monitoring Profile Binding Map list request parameters",
"type": "object"
}
PortMonitoringProfileBindingMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PortMonitoringProfileBindingMapListResult",
"module_id": "PolicyMonitoringProfileBinding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PortMonitoringProfileBindingMap
},
"required": true,
"title": "Port Monitoring Profile Binding Map list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Port Monitoring Profile Binding Maps",
"type": "object"
}
PortQoSProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between qos profile and Port. Using this entity, you can specify intent for applying qos profile to particular Port. Port here is Segment Port.",
"extends": {
"$ref": "QoSProfileBindingMap
},
"id": "PortQoSProfileBindingMap",
"module_id": "PolicyQoSProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"qos_profile_path": {
"description": "PolicyPath of associated QoS Profile",
"required": false,
"title": "QoS Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PortQoSProfileBindingMap"
],
"relationshipType": "QOS_PROFILE_PORT_BINDING_MAP_RELATIONSHIP",
"rightType": [
"QoSProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"search_dsl_name": [
"port qos profile binding map"
],
"title": "Port QoS Profile binding map",
"type": "object"
}
PortQoSProfileBindingMapListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "PortQoSProfileBindingMapListRequestParameters",
"module_id": "PolicyQoSProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Port QoS Profile Binding Map list request parameters",
"type": "object"
}
PortQoSProfileBindingMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PortQoSProfileBindingMapListResult",
"module_id": "PolicyQoSProfileBinding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PortQoSProfileBindingMap
},
"required": true,
"title": "Port QoS Profile Binding Map list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Port QoS Profile Binding Maps",
"type": "object"
}
PortSecurityProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Contains the binding relationship between port and security profile.",
"extends": {
"$ref": "SecurityProfileBindingMap
},
"id": "PortSecurityProfileBindingMap",
"module_id": "PolicySecurityProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"segment_security_profile_path": {
"description": "The policy path of the asscociated Segment Security profile",
"required": false,
"title": "Segment Security Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PortSecurityProfileBindingMap"
],
"relationshipType": "PORT_SECURITY_BINDING_MAP_SEGMENT_SECURITY_RELATIONSHIP",
"rightType": [
"SegmentSecurityProfile"
]
}
]
},
"spoofguard_profile_path": {
"description": "The policy path of the asscociated SpoofGuard profile",
"required": false,
"title": "SpoofGuard Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PortSecurityProfileBindingMap"
],
"relationshipType": "PORT_SECURITY_BINDING_MAP_SPOOFGUARD_RELATIONSHIP",
"rightType": [
"SpoofGuardProfile",
"IPDiscoveryProfile"
]
}
]
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Security profile binding map for port",
"type": "object"
}
PortSecurityProfileBindingMapListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "PortSecurityProfileBindingMapListRequestParameters",
"module_id": "PolicySecurityProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Port security profile binding map request parameters",
"type": "object"
}
PortSecurityProfileBindingMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PortSecurityProfileBindingMapListResult",
"module_id": "PolicySecurityProfileBinding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PortSecurityProfileBindingMap
},
"required": true,
"title": "Port security profile binding map list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of port security profile binding maps",
"type": "object"
}
PreReqCondition (type)
{
"enum": [
"WAVE_FRONT",
"TSDB",
"TRACE"
],
"id": "PreReqCondition",
"module_id": "PolicySha",
"title": "Valid pre-req condition",
"type": "string"
}
PrefixEntry (type)
{
"additionalProperties": false,
"id": "PrefixEntry",
"module_id": "PolicyConnectivity",
"properties": {
"action": {
"default": "PERMIT",
"description": "Action for the prefix list.",
"enum": [
"PERMIT",
"DENY"
],
"required": false,
"title": "Action for the prefix list",
"type": "string"
},
"ge": {
"description": "Prefix length greater than or equal to.",
"maximum": 128,
"minimum": 1,
"title": "Prefix length greater than or equal to",
"type": "int"
},
"le": {
"description": "Prefix length less than or equal to.",
"maximum": 128,
"minimum": 1,
"title": "Prefix length less than or equal to",
"type": "int"
},
"network": {
"description": "Network prefix in CIDR format. \"ANY\" matches all networks.",
"required": true,
"title": "Network prefix in CIDR format",
"type": "string"
}
},
"title": "Network prefix entry",
"type": "object"
}
PrefixList (type)
{
"additionalProperties": false,
"description": "A named list of prefixes for routing purposes.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "PrefixList",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"prefixes": {
"description": "Specify ordered list of network prefixes.",
"items": {
"$ref": "PrefixEntry
},
"minItems": 1,
"required": true,
"title": "Ordered list of network prefixes",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "A named list of prefixes for routing purposes",
"type": "object"
}
PrefixListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "PrefixListRequestParameters",
"module_id": "PolicyConnectivity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "PrefixList request parameters",
"type": "object"
}
PrefixListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PrefixListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PrefixList
},
"required": true,
"title": "PrefixList results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of PrefixLists",
"type": "object"
}
Principal (type)
{
"additionalProperties": false,
"id": "Principal",
"module_id": "CertificateManager",
"properties": {
"attributes": {
"description": "Attribute list.",
"items": {
"$ref": "KeyValue
},
"readonly": false,
"required": true,
"type": "array"
}
},
"type": "object"
}
PrincipalIdentity (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "PrincipalIdentity",
"module_id": "CertificateManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"certificate_id": {
"description": "Id of the stored certificate. When used with the deprecated POST /trust-management/principal-identities API this field is required.",
"readonly": false,
"required": false,
"title": "Id of the stored certificate",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_protected": {
"description": "Indicator whether the entities created by this principal should be protected.",
"readonly": false,
"required": false,
"title": "Protection indicator",
"type": "boolean"
},
"name": {
"description": "Name of the principal.",
"maxLength": 255,
"pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$",
"readonly": false,
"required": true,
"title": "Name",
"type": "string"
},
"node_id": {
"description": "Unique node-id of a principal. This is used primarily in the case where a cluster of nodes is used to make calls to the NSX Manager and the same 'name' is used so that the nodes can access and modify the same data while still accessing NSX through their individual secret (certificate or JWT). In all other cases this can be any string.",
"maxLength": 255,
"pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$",
"readonly": false,
"required": true,
"title": "Unique node-id",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"role": {
"description": "The roles that are associated with this PI.",
"pattern": "^[_a-z0-9-]+$",
"readonly": false,
"required": false,
"title": "Role",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
PrincipalIdentityList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "PrincipalIdentityList",
"module_id": "CertificateManager",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "PrincipalIdentity list.",
"items": {
"$ref": "PrincipalIdentity
},
"readonly": false,
"required": true,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "PrincipalIdentity query result",
"type": "object"
}
PrincipalIdentityWithCertificate (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PrincipalIdentity
},
"id": "PrincipalIdentityWithCertificate",
"module_id": "CertificateManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"certificate_id": {
"description": "Id of the stored certificate. When used with the deprecated POST /trust-management/principal-identities API this field is required.",
"readonly": false,
"required": false,
"title": "Id of the stored certificate",
"type": "string"
},
"certificate_pem": {
"description": "PEM encoding of the new certificate.",
"readonly": false,
"required": true,
"title": "PEM encoding of the new certificate",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_protected": {
"description": "Indicator whether the entities created by this principal should be protected.",
"readonly": false,
"required": false,
"title": "Protection indicator",
"type": "boolean"
},
"name": {
"description": "Name of the principal.",
"maxLength": 255,
"pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$",
"readonly": false,
"required": true,
"title": "Name",
"type": "string"
},
"node_id": {
"description": "Unique node-id of a principal. This is used primarily in the case where a cluster of nodes is used to make calls to the NSX Manager and the same 'name' is used so that the nodes can access and modify the same data while still accessing NSX through their individual secret (certificate or JWT). In all other cases this can be any string.",
"maxLength": 255,
"pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$",
"readonly": false,
"required": true,
"title": "Unique node-id",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"role": {
"description": "The roles that are associated with this PI.",
"pattern": "^[_a-z0-9-]+$",
"readonly": false,
"required": false,
"title": "Role",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
ProfileBindingListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "ProfileBindingListRequestParameters",
"module_id": "PolicyProfile",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Profile binding map list request parameters",
"type": "object"
}
ProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between profile and policy entities.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ProfileBindingMap",
"module_id": "PolicyProfile",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profile_path": {
"description": "PolicyPath of associated Profile",
"required": true,
"title": "Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GroupDiscoveryProfileBindingMap"
],
"relationshipType": "GROUP_BINDINGMAP_IPDISCOVERY_PROFILE_RELATIONSHIP",
"rightType": [
"IPDiscoveryProfile"
]
},
{
"leftType": [
"PolicyFirewallFloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"FloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"PolicyFirewallCPUMemThresholdsProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FirewallCPUMemoryThresholdsProfile"
]
},
{
"leftType": [
"SessionTimerProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyFirewallSessionTimerProfile"
]
},
{
"leftType": [
"DnsSecurityProfileBindingMap"
],
"relationshipType": "DNS_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"DnsSecurityProfile"
]
},
{
"leftType": [
"GeneralSecurityProfileBindingMap"
],
"relationshipType": "GATEWAY_GENERAL_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"GeneralSecurityProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy base profile binding map",
"type": "object"
}
ProfileSeverity (type)
{
"enum": [
"CRITICAL",
"HIGH",
"MEDIUM",
"LOW",
"SUSPICIOUS"
],
"id": "ProfileSeverity",
"module_id": "PolicyIDS",
"title": "Intrusion Detection System Profile severity",
"type": "string"
}
ProfileSupportedAttributesListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "ProfileSupportedAttributesListRequestParameters",
"module_id": "PolicyContextProfile",
"properties": {
"attribute_key": {
"description": "It fetches attributes and subattributes for the given attribute key supported in the system which can be used for Policy Context Profile creation.",
"required": false,
"title": "Fetch attributes and sub-attributes for the given attribute key",
"type": "string"
},
"attribute_source": {
"default": "SYSTEM",
"description": "It fetches attributes and sub attributes for the given attribute key based on the source of attribute which can be used for Policy Context Profile creation.",
"enum": [
"ALL",
"CUSTOM",
"SYSTEM"
],
"required": false,
"title": "Source of the attribute, System Defined or custom",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Profile Attributes list request parameters.",
"type": "object"
}
ProgressItem (type)
{
"id": "ProgressItem",
"module_id": "SiteManagerModule",
"properties": {
"description": {
"required": true,
"title": "Item description",
"type": "string"
},
"name": {
"required": true,
"title": "Name of the item",
"type": "string"
},
"parts": {
"items": {
"$ref": "ProgressItemPart
},
"title": "Finer details, usually there is only one part",
"type": "array"
}
},
"type": "object"
}
ProgressItemPart (type)
{
"id": "ProgressItemPart",
"module_id": "SiteManagerModule",
"properties": {
"description": {
"required": true,
"title": "Description of the process",
"type": "string"
},
"error": {
"required": false,
"title": "Error message, if ran into error",
"type": "string"
},
"name": {
"required": true,
"title": "Name of the process",
"type": "string"
},
"percentage": {
"required": true,
"title": "0 - 100 of the task being completed",
"type": "integer"
},
"status": {
"enum": [
"RUNNING",
"ERROR",
"COMPLETE"
],
"required": true,
"title": "Status of this process",
"type": "string"
}
},
"type": "object"
}
PropertyItem (type)
{
"additionalProperties": false,
"description": "Represents a label-value pair.",
"id": "PropertyItem",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"condition": {
"description": "If the condition is met then the property will be displayed. Examples of expression syntax are provided under 'example_request' section of 'CreateWidgetConfiguration' API.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"title": "Id of drilldown widget",
"type": "string"
},
"field": {
"description": "Represents field value of the property.",
"maxLength": 1024,
"required": true,
"title": "Field of the Property",
"type": "string"
},
"heading": {
"default": false,
"description": "Set to true if the field is a heading. Default is false.",
"title": "If true, represents the field as a heading",
"type": "boolean"
},
"label": {
"$ref": "Label,
"description": "If a field represents a heading, then label is not needed",
"title": "Label of the property"
},
"label_value_separator": {
"description": "Label value separator used between label and value. It can be any separator like \":\" or \"-\".",
"title": "Labale value separator used between label and value",
"type": "string"
},
"navigation": {
"description": "Hyperlink of the specified UI page that provides details. This will be linked with value of the property.",
"maxLength": 1024,
"title": "Navigation to a specified UI page",
"type": "string"
},
"render_configuration": {
"description": "Render configuration to be applied, if any.",
"items": {
"$ref": "RenderConfiguration
},
"title": "Render Configuration",
"type": "array"
},
"rowspan": {
"description": "Represent the vertical span of the widget / container",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"separator": {
"default": false,
"description": "If true, separates this property in a widget.",
"title": "A separator after this property",
"type": "boolean"
},
"span": {
"description": "Represent the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"style": {
"description": "A style object applicable for the property item. It could be the any padding, margin style sheet applicable to the property item. A 'style' property is supported in case of layout 'AUTO' only.",
"title": "A Style object applicable for the Property Item",
"type": "object"
},
"type": {
"default": "String",
"description": "Data type of the field.",
"enum": [
"String",
"Number",
"Date",
"Url"
],
"maxLength": 255,
"required": true,
"title": "field data type",
"type": "string"
}
},
"title": "LabelValue Property",
"type": "object"
}
Protocol (type)
{
"abstract": true,
"additionalProperties": {},
"id": "Protocol",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "name"
},
"properties": {
"name": {
"enum": [
"http",
"https",
"scp",
"sftp"
],
"required": true,
"title": "Protocol name",
"type": "string"
}
},
"type": "object"
}
ProtocolVersion (type)
{
"additionalProperties": false,
"id": "ProtocolVersion",
"properties": {
"enabled": {
"required": true,
"title": "Enable status for this protocol version",
"type": "boolean"
},
"name": {
"required": true,
"title": "Name of the TLS protocol version",
"type": "string"
}
},
"title": "TLS protocol version",
"type": "object"
}
QoSBaseRateLimiter (type)
{
"abstract": true,
"id": "QoSBaseRateLimiter",
"module_id": "PolicyQoS",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"enabled": {
"required": true,
"type": "boolean"
},
"resource_type": {
"default": "IngressRateLimiter",
"description": "Type rate limiter",
"enum": [
"IngressRateLimiter",
"IngressBroadcastRateLimiter",
"EgressRateLimiter"
],
"required": true,
"type": "string"
}
},
"title": "A Limiter configuration entry that specifies type and metrics",
"type": "object"
}
QoSDscp (type)
{
"description": "Dscp value is ignored in case of 'TRUSTED' DscpTrustMode.",
"id": "QoSDscp",
"module_id": "PolicyQoS",
"properties": {
"mode": {
"$ref": "DscpTrustMode
},
"priority": {
"default": 0,
"maximum": 63,
"minimum": 0,
"title": "Internal Forwarding Priority",
"type": "int"
}
},
"required": true,
"title": "One of QoS or Encapsulated-Remote-Switched-Port-Analyzer",
"type": "object"
}
QoSProfile (type)
{
"extends": {
"$ref": "PolicyConfigResource
},
"id": "QoSProfile",
"module_id": "PolicyQoS",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"class_of_service": {
"default": 0,
"description": "Class of service groups similar types of traffic in the network and each type of traffic is treated as a class with its own level of service priority. The lower priority traffic is slowed down or in some cases dropped to provide better throughput for higher priority traffic.",
"maximum": 7,
"minimum": 0,
"title": "Class of service",
"type": "int"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dscp": {
"$ref": "QoSDscp
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"shaper_configurations": {
"description": "Array of Rate limiter configurations to applied on Segment or Port.",
"items": {
"$ref": "QoSBaseRateLimiter
},
"maxItems": 3,
"minItems": 0,
"required": false,
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"search_dsl_name": [
"qos segment profile"
],
"type": "object"
}
QoSProfileBindingMap (type)
{
"abstract": true,
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "QoSProfileBindingMap",
"module_id": "PolicyQoSProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Base QoS Profile Binding Map",
"type": "object"
}
QoSProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "QoSProfileListRequestParameters",
"module_id": "PolicyQoS",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "QoS Profile request parameters",
"type": "object"
}
QoSProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "QoSProfileListResult",
"module_id": "PolicyQoS",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "QoSProfile
},
"required": true,
"title": "QoS profiles list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of QoS profiles",
"type": "object"
}
RAConfig (type)
{
"additionalProperties": false,
"id": "RAConfig",
"module_id": "Routing",
"properties": {
"hop_limit": {
"default": 64,
"description": "The maximum number of hops through which packets can pass before being discarded.",
"maximum": 255,
"minimum": 0,
"required": false,
"title": "Hop limit",
"type": "integer"
},
"prefix_lifetime": {
"default": 2592000,
"description": "The time interval in seconds, in which the prefix is advertised as valid.",
"maximum": 4294967295,
"minimum": 0,
"required": false,
"title": "Lifetime of prefix",
"type": "integer"
},
"prefix_preferred_time": {
"default": 604800,
"description": "The time interval in seconds, in which the prefix is advertised as preferred.",
"maximum": 4294967295,
"minimum": 0,
"required": false,
"title": "Prefix preferred time",
"type": "integer"
},
"ra_interval": {
"default": 600,
"description": "Interval between 2 Router advertisement in seconds.",
"maximum": 1800,
"minimum": 4,
"required": false,
"title": "RA interval",
"type": "integer"
},
"router_lifetime": {
"default": 1800,
"description": "Router lifetime value in seconds. A value of 0 indicates the router is not a default router for the receiving end. Any other value in this field specifies the lifetime, in seconds, associated with this router as a default router.",
"maximum": 65520,
"minimum": 0,
"required": false,
"title": "Lifetime of router",
"type": "integer"
},
"router_preference": {
"$ref": "NDRAPreference,
"default": "MEDIUM",
"description": "NDRA Router preference value with MEDIUM as default. If the router_lifetime is 0, the preference must be set to MEDIUM.",
"required": false,
"title": "Router preference"
}
},
"type": "object"
}
RAMode (type)
{
"additionalProperties": false,
"description": "Router Advertisement Modes. DISABLED - RA is disabled SLAAC_DNS_THROUGH_RA - Stateless address auto-configuration RA for address and configuration SLAAC_DNS_THROUGH_DHCP - SLAAC RA for address and DHCPv6 for configuration DHCP_ADDRESS_AND_DNS_THROUGH_DHCP - DHCPv6 for address and configurations SLAAC_AND_ADDRESS_DNS_THROUGH_DHCP - SLAAC RA and DHCPv6 for address and configurations",
"enum": [
"DISABLED",
"SLAAC_DNS_THROUGH_RA",
"SLAAC_DNS_THROUGH_DHCP",
"DHCP_ADDRESS_AND_DNS_THROUGH_DHCP",
"SLAAC_AND_ADDRESS_DNS_THROUGH_DHCP"
],
"id": "RAMode",
"module_id": "Routing",
"title": "Router Advertisement Mode",
"type": "string"
}
RaDNSConfig (type)
{
"additionalProperties": false,
"id": "RaDNSConfig",
"module_id": "Routing",
"properties": {
"dns_server": {
"description": "DNS server.",
"items": {
"$ref": "IPv6Address
},
"maxItems": 8,
"required": false,
"title": "DNS server",
"type": "array"
},
"dns_server_lifetime": {
"default": 1800000,
"maximum": 4294967295,
"minimum": 0,
"required": false,
"title": "Lifetime of DNS server in milliseconds",
"type": "integer"
},
"domain_name": {
"description": "Domain name in RA message.",
"items": {
"type": "string"
},
"maxItems": 8,
"required": false,
"title": "Domain name",
"type": "array"
},
"domain_name_lifetime": {
"default": 1800000,
"maximum": 4294967295,
"minimum": 0,
"required": false,
"title": "Lifetime of Domain names in milliseconds",
"type": "integer"
}
},
"type": "object"
}
Reaction (type)
{
"additionalProperties": false,
"description": "Reaction represents a programmable entity which encapsulates the events and the actions in response to the events, or simply \"If This Then That\".",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Reaction",
"module_id": "PolicyReaction",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"actions": {
"description": "Actions that need to be taken when the events occur. These actions must appear in the order that they need to be taken in. This field can be interpreted as the HOW of the Reaction, or simply as \"Then That\".",
"items": {
"$ref": "Action
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "Reaction Actions",
"type": "array"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"events": {
"description": "Events that provide contextual variables about what the reaction should react to. This field can be interpreted as the WHAT of the Reaction, or simply as \"If This\" Clause.",
"items": {
"$ref": "Event
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "Reaction Events",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Reaction",
"type": "object"
}
RealizationListRequestParameters (type)
{
"additionalProperties": false,
"description": "List request params for the pass through type api that get data from the Enforcement point. The basic requirement for these kind of APIs is filtering by Enforcement point.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "RealizationListRequestParameters",
"module_id": "PolicyGroupRealization",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point from which the list of members needs to be fetched. Forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Realization list request params",
"type": "object"
}
RealizedStateRequestParameter (type)
{
"description": "Request parameter that represents a binding between an intent path and enforcement point path. A request on the realized state can be parameterized with this pair and will be evaluted as follows: - {intent_path}: the request is evaluated on all enforcement points for the given intent. - {intent_path, enforcement_point_path}: the request is evaluated only on the given enforcement point for the given intent.",
"id": "RealizedStateRequestParameter",
"module_id": "PolicyRealizedState",
"properties": {
"enforcement_point_path": {
"description": "enforcement point path, forward slashes must be escaped using %2F",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"intent_path": {
"description": "Intent path of object, forward slashes must be escaped using %2F",
"required": true,
"title": "String Path of the intent object",
"type": "string"
}
},
"title": "Binding between Intent and Enforcement Point Paths",
"type": "object"
}
RealizedVirtualMachine (type)
{
"additionalProperties": false,
"experimental": true,
"extends": {
"$ref": "PolicyRealizedResource
},
"id": "RealizedVirtualMachine",
"module_id": "PolicyRealizedState",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alarms": {
"items": {
"$ref": "PolicyAlarmResource
},
"required": false,
"title": "Alarm info detail",
"type": "array"
},
"compute_ids": {
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of external compute ids of the virtual machine in the format 'id-type-key:value' , list of external compute ids ['uuid:xxxx-xxxx-xxxx-xxxx', 'moIdOnHost:moref-11', 'instanceUuid:xxxx-xxxx-xxxx-xxxx']",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"host_id": {
"readonly": true,
"required": false,
"title": "Id of the host on which the vm exists.",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"intent_reference": {
"items": {
"type": "string"
},
"required": false,
"title": "Desire state paths of this object",
"type": "array"
},
"local_id_on_host": {
"readonly": true,
"required": false,
"title": "Id of the vm unique within the host.",
"type": "string"
},
"operational_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, FAILURE This list is not exhaustive.",
"required": false,
"title": "String representation of operational status",
"type": "string"
},
"operational_status_error": {
"description": "It defines the root cause for operational status error.",
"required": false,
"title": "String representation of operational status error",
"type": "string"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"power_state": {
"enum": [
"VM_RUNNING",
"VM_STOPPED",
"VM_SUSPENDED",
"UNKNOWN"
],
"readonly": true,
"required": false,
"title": "Current power state of this virtual machine in the system.",
"type": "string"
},
"publish_status": {
"description": "Possible values could be UP, DOWN, UNKNOWN, SUCCESS This list is not exhaustive.",
"required": false,
"title": "String representation of publish status",
"type": "string"
},
"publish_status_error": {
"description": "It defines the root cause for publish status error.",
"required": false,
"title": "String representation of publish status error",
"type": "string"
},
"publish_status_error_code": {
"description": "It defines error code for publish status error.",
"required": false,
"title": "Represents error code for publish status.",
"type": "int"
},
"publish_status_error_details": {
"description": "Error details for publish status.",
"items": {
"$ref": "ConfigurationStateElement
},
"required": false,
"title": "Details for publich status error.",
"type": "array"
},
"realization_api": {
"required": false,
"title": "Realization API of this object on enforcement point",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"realization_specific_identifier": {
"required": false,
"title": "Realization id of this object",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"runtime_error": {
"description": "It define the root cause for runtime error.",
"required": false,
"title": "String representation of runtime error",
"type": "string"
},
"runtime_status": {
"deprecated": true,
"description": "Possible values could be UP, DOWN, UNKNOWN, DEGRADED This list is not exhaustive.",
"required": false,
"title": "String representation of runtime status",
"type": "string"
},
"state": {
"enum": [
"UNAVAILABLE",
"UNREALIZED",
"REALIZED",
"ERROR"
],
"required": true,
"title": "Realization state of this object",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Realized Virtual Machine",
"type": "object"
}
RealizedVirtualMachineListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "RealizedVirtualMachineListResult",
"module_id": "PolicyGroupStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "RealizedVirtualMachine,
"title": "Virtual machine list result"
},
"required": false,
"title": "Paged Collection of VMs",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
RecommendedFeaturePermission (type)
{
"id": "RecommendedFeaturePermission",
"module_id": "AAA",
"properties": {
"recommended_permissions": {
"items": {
"type": "string"
},
"required": true,
"title": "Permission",
"type": "array"
},
"src_features": {
"items": {
"type": "string"
},
"required": true,
"title": "List of source features",
"type": "array"
},
"target_feature": {
"required": true,
"title": "Feature",
"type": "string"
}
},
"title": "Recommended Feature Permission",
"type": "object"
}
RecommendedFeaturePermissionListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "RecommendedFeaturePermissionListResult",
"module_id": "AAA",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "RecommendedFeaturePermission
},
"required": true,
"title": "List results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
RedirectionPolicy (type)
{
"additionalProperties": false,
"description": "Ordered list of rules long with the path of PolicyServiceInstance to which the traffic needs to be redirected. | Please note that the scope property must be provided for NS redirection | policy if redirect to is a service chain. For NS, when redirect to is not | to the service chain, and scope is specified on RedirectionPolicy, it | will be ignored. The scope will be determined from redirect to path | instead. For EW policy, scope must not be supplied in the request. | Path to either Tier0 or Tier1 is allowed as the scope. Only 1 path | can be specified as a scope. | Also, note that, if stateful flag is not sent, it will be treated as true. If statelessness is intended, false must be sent explicitly as the value | for stateful field.",
"extends": {
"$ref": "Policy
},
"id": "RedirectionPolicy",
"module_id": "PolicyServiceInsertion",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"category": {
"description": "- Distributed Firewall - Policy framework provides five pre-defined categories for classifying a security policy. They are \"Ethernet\",\"Emergency\", \"Infrastructure\" \"Environment\" and \"Application\". There is a pre-determined order in which the policy framework manages the priority of these security policies. Ethernet category is for supporting layer 2 firewall rules. The other four categories are applicable for layer 3 rules. Amongst them, the Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a security policy into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four categories. - Edge Firewall - Policy Framework for Edge Firewall provides six pre-defined categories \"Emergency\", \"SystemRules\", \"SharedPreRules\", \"LocalGatewayRules\", \"AutoServiceRules\" and \"Default\", in order of priority of rules. All categories are allowed for Gatetway Policies that belong to 'default' Domain. However, for user created domains, category is restricted to \"SharedPreRules\" or \"LocalGatewayRules\" only. Also, the users can add/modify/delete rules from only the \"SharedPreRules\" and \"LocalGatewayRules\" categories. If user doesn't specify the category then defaulted to \"Rules\". System generated category is used by NSX created rules, for example BFD rules. Autoplumbed category used by NSX verticals to autoplumb data path rules. Finally, \"Default\" category is the placeholder default rules with lowest in the order of priority.",
"required": false,
"title": "A way to classify a security policy, if needed.",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"comments": {
"description": "Comments for security policy lock/unlock.",
"readonly": false,
"required": false,
"title": "SecurityPolicy lock/unlock comments",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"internal_sequence_number": {
"description": "This field is to indicate the internal sequence number of a policy with respect to the policies across categories.",
"readonly": true,
"title": "Internal sequence number",
"type": "int"
},
"is_default": {
"description": "A flag to indicate whether policy is a default policy.",
"readonly": true,
"required": false,
"title": "Default policy flag",
"type": "boolean"
},
"lock_modified_by": {
"description": "ID of the user who last modified the lock for the secruity policy.",
"readonly": true,
"required": false,
"title": "User who locked the security policy",
"type": "string"
},
"lock_modified_time": {
"$ref": "EpochMsTimestamp,
"description": "SecurityPolicy locked/unlocked time in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "SecuirtyPolicy locked/unlocked time"
},
"locked": {
"default": false,
"description": "Indicates whether a security policy should be locked. If the security policy is locked by a user, then no other user would be able to modify this security policy. Once the user releases the lock, other users can update this security policy.",
"required": false,
"title": "Lock a security policy",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"north_south": {
"description": "This is the read only flag which will state the direction of this | redirection policy. True denotes that it is NORTH-SOUTH and false | value means it is an EAST-WEST redirection policy.",
"readonly": true,
"title": "Flag to denote whether it is north south policy",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"redirect_to": {
"description": "Paths to which traffic will be redirected to. As of now, only 1 is | supported. Paths allowed are | 1. Policy Service Instance | 2. Service Instance Endpoint | 3. Virtual Endpoint | 4. Policy Service Chain",
"items": {
"type": "string"
},
"maxItems": 1,
"required": false,
"title": "List of redirect to target paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"RedirectionPolicy"
],
"relationshipType": "REDIRECTION_COMMUNICATION_MAP_POLICY_SERVICE_INSTANCE_RELATIONSHIP",
"rightType": [
"PolicyServiceInstance"
]
},
{
"leftType": [
"RedirectionPolicy"
],
"relationshipType": "REDIRECTION_COMMUNICATION_MAP_POLICY_SERVICE_INSTANCE_ENDPOINT_RELATIONSHIP",
"rightType": [
"ServiceInstanceEndpoint"
]
},
{
"leftType": [
"RedirectionPolicy"
],
"relationshipType": "REDIRECTION_COMMUNICATION_MAP_VIRTUAL_ENDPOINT_RELATIONSHIP",
"rightType": [
"VirtualEndpoint"
]
}
]
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_count": {
"description": "The count of rules in the policy.",
"readonly": true,
"title": "Rule count",
"type": "int"
},
"rules": {
"description": "Redirection rules that are a part of this RedirectionPolicy. At max, there can be 1000 rules in a given RedirectPolicy.",
"items": {
"$ref": "RedirectionRule
},
"maxItems": 1000,
"required": false,
"title": "Redirection rules that are a part of this RedirectionPolicy",
"type": "array"
},
"scheduler_path": {
"description": "Provides a mechanism to apply the rules in this policy for a specified time duration.",
"readonly": false,
"required": false,
"title": "Path to the scheduler for time based scheduling",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SECURITY_POLICY_SCHEDULER_RELATIONSHIP",
"rightType": [
"PolicyFirewallScheduler"
]
}
]
},
"scope": {
"description": "The list of group paths where the rules in this policy will get applied. This scope will take precedence over rule level scope. Supported only for security and redirection policies. In case of RedirectionPolicy, it is expected only when the policy is NS and redirecting to service chain.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"PolicyLabel"
]
},
{
"leftType": [
"RedirectionPolicy"
],
"relationshipType": "REDIRECTION_COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"Tier1",
"Tier0"
]
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between security policies across domains. In order to change the sequence number of a policy one can fire a POST request on the policy entity with a query parameter action=revise The sequence number field will reflect the value of the computed sequence number upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several security policies, the only way to set the sequence number is to explicitly specify the sequence number for each security policy. If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple policies with the same sequence number then their order is not deterministic. If a specific order of policies is desired, then one has to specify unique sequence numbers or use the POST request on the policy entity with a query parameter action=revise to let the framework assign a sequence number. The value of sequence number must be between 0 and 999,999.",
"minimum": 0,
"title": "Sequence number to resolve conflicts across Domains",
"type": "int"
},
"stateful": {
"description": "Stateful or Stateless nature of security policy is enforced on all rules in this security policy. When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Layer3 security policies can be stateful or stateless. By default, they are stateful. Layer2 security policies can only be stateless.",
"readonly": false,
"required": false,
"title": "Stateful nature of the entries within this security policy.",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_strict": {
"description": "Ensures that a 3 way TCP handshake is done before the data packets are sent. tcp_strict=true is supported only for stateful security policies. If the tcp_strict flag is not specified and the security policy is stateful, then tcp_strict will be set to true.",
"readonly": false,
"required": false,
"title": "Enforce strict tcp handshake before allowing data packets",
"type": "boolean"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Contains ordered list of rules and path to PolicyServiceInstance\n",
"type": "object"
}
RedirectionRule (type)
{
"additionalProperties": false,
"extends": {
"$ref": "BaseRule
},
"id": "RedirectionRule",
"module_id": "PolicyServiceInsertion",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"description": "The action to be applied to all the services",
"enum": [
"REDIRECT",
"DO_NOT_REDIRECT"
],
"required": false,
"title": "Action",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destination_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Destination group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"destinations_excluded": {
"default": false,
"description": "If set to true, the rule gets applied on all the groups that are NOT part of the destination groups. If false, the rule applies to the destination groups",
"readonly": false,
"required": false,
"title": "Negation of destination groups",
"type": "boolean"
},
"direction": {
"default": "IN_OUT",
"description": "Define direction of traffic.",
"enum": [
"IN",
"OUT",
"IN_OUT"
],
"required": false,
"title": "Direction",
"type": "string"
},
"disabled": {
"default": false,
"description": "Flag to disable the rule. Default is enabled.",
"readonly": false,
"required": false,
"title": "Flag to disable the rule",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_protocol": {
"description": "Type of IP packet that should be matched while enforcing the rule. The value is set to IPV4_IPV6 for Layer3 rule if not specified. For Layer2/Ether rule the value must be null.",
"enum": [
"IPV4",
"IPV6",
"IPV4_IPV6"
],
"readonly": false,
"required": false,
"title": "IPv4 vs IPv6 packet type",
"type": "string"
},
"is_default": {
"description": "A flag to indicate whether rule is a default rule.",
"readonly": true,
"required": false,
"title": "Default rule flag",
"type": "boolean"
},
"logged": {
"default": false,
"description": "Flag to enable packet logging. Default is disabled.",
"readonly": false,
"required": false,
"title": "Enable logging flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"notes": {
"description": "Text for additional notes on changes.",
"maxLength": 2048,
"readonly": false,
"required": false,
"title": "Text for additional notes on changes",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profiles": {
"description": "Holds the list of layer 7 service profile paths. These profiles accept attributes and sub-attributes of various network services (e.g. L4 AppId, encryption algorithm, domain name, etc) as key value pairs. Instead of Layer 7 service profiles you can use a L7 access profile. One of either Layer 7 service profiles or L7 Access Profile can be used in firewall rule. In case of L7 access profile only one is allowed.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Layer 7 service profiles or TLS action profile",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_CONTEXT_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyContextProfile"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_CONTEXT_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyContextProfile"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_IDS_PROFILE_RELATIONSHIP",
"rightType": [
"IdsProfile",
"IdsProfile"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_id": {
"description": "This is a unique 4 byte positive number that is assigned by the system. This rule id is passed all the way down to the data path. The first 1GB (1000 to 2^30) will be shared by GM and LM with zebra style striped number space. For E.g 1000 to (1Million -1) by LM, (1M - 2M-1) by GM and so on.",
"readonly": true,
"required": false,
"title": "Unique rule ID",
"type": "integer"
},
"scope": {
"description": "The list of policy paths where the rule is applied LR/Edge/T0/T1/LRP etc. Note that a given rule can be applied on multiple LRs/LRPs.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier0Interface",
"Tier1Interface",
"Tier0",
"Tier1",
"IPSecVpnSession",
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier1Interface",
"Tier0",
"Tier1Interface",
"Tier1",
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier1Interface",
"Tier0",
"Tier1Interface",
"Tier1",
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between multiple Rules under Security or Gateway Policy for a Domain If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple rules with the same sequence number then their order is not deterministic. If a specific order of rules is desired, then one has to specify unique sequence numbers or use the POST request on the rule entity with a query parameter action=revise to let the framework assign a sequence number",
"minimum": 0,
"required": false,
"title": "Sequence number of the this Rule",
"type": "int"
},
"service_entries": {
"description": "In order to specify raw services this can be used, along with services which contains path to services. This can be empty or null.",
"items": {
"$ref": "ServiceEntry
},
"maxItems": 128,
"required": false,
"title": "Raw services",
"type": "array"
},
"services": {
"description": "In order to specify all services, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the services array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Names of services",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"source_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Source group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"sources_excluded": {
"default": false,
"description": "If set to true, the rule gets applied on all the groups that are NOT part of the source groups. If false, the rule applies to the source groups",
"readonly": false,
"required": false,
"title": "Negation of source groups",
"type": "boolean"
},
"tag": {
"description": "User level field which will be printed in CLI and packet logs. Even though there is no limitation on length of a tag, internally tag will get truncated after 32 characters.",
"required": false,
"title": "Tag applied on the rule",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "It define redirection rule for service insertion",
"type": "object"
}
RegistrationToken (type)
{
"id": "RegistrationToken",
"module_id": "RegistrationTokenEndPoint",
"properties": {
"roles": {
"items": {
"type": "string"
},
"required": true,
"title": "List results",
"type": "array"
},
"token": {
"required": true,
"sensitive": true,
"title": "Access token",
"type": "string"
},
"user": {
"required": false,
"title": "User delegated by token",
"type": "string"
}
},
"title": "Appliance registration access token",
"type": "object"
}
RelatedApiError (type)
{
"id": "RelatedApiError",
"module_id": "Common",
"properties": {
"details": {
"title": "Further details about the error",
"type": "string"
},
"error_code": {
"title": "A numeric error code",
"type": "integer"
},
"error_data": {
"title": "Additional data about the error",
"type": "object"
},
"error_message": {
"title": "A description of the error",
"type": "string"
},
"module_name": {
"title": "The module name where the error occurred",
"type": "string"
}
},
"title": "Detailed information about a related API error",
"type": "object"
}
RelatedAttribute (type)
{
"additionalProperties": false,
"description": "Related attribute on the target resource for conditional constraints based on related attribute value. Example - destinationGroups/service/action is related attribute of sourceGroups in communcation entry.",
"id": "RelatedAttribute",
"module_id": "PolicyConstraints",
"properties": {
"attribute": {
"required": true,
"title": "Related attribute name on the target entity.",
"type": "string"
}
},
"title": "Related attribute details.",
"type": "object"
}
RelatedAttributeConditionalExpression (type)
{
"additionalProperties": false,
"description": "Represents the leaf level type expression to express constraint as value of realted attribute to the target. Example - Constraint traget attribute 'X' (example in Constraint), if destinationGroups contains 'vCeneter' then allow only values \"HTTPS\", \"HTTP\" for attribute X. { \"target\":{ \"target_resource_type\":\"CommunicationEntry\", \"attribute\":\"services\", \"path_prefix\": \"/infra/domains/{{DOMAIN}}/edge-communication-maps/default/communication-entries/\" }, \"constraint_expression\": { \"resource_type\": \"RelatedAttributeConditionalExpression\", \"related_attribute\":{ \"attribute\":\"destinationGroups\" }, \"condition\" : { \"operator\":\"INCLUDES\", \"rhs_value\": [\"/infra/domains/mgw/groups/VCENTER\"], \"value_constraint\": { \"resource_type\": \"ValueConstraintExpression\", \"operator\":\"INCLUDES\", \"values\":[\"/infra/services/HTTP\", \"/infra/services/HTTPS\"] } } } }",
"extends": {
"$ref": "ConstraintExpression
},
"id": "RelatedAttributeConditionalExpression",
"module_id": "PolicyConstraints",
"polymorphic-type-descriptor": {
"type-identifier": "RelatedAttributeConditionalExpression"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"condition": {
"$ref": "ConditionalValueConstraintExpression,
"description": "Conditional value expression for target based on realted attribute value.",
"required": true,
"title": "Conditiona value constraint expression."
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"related_attribute": {
"$ref": "RelatedAttribute,
"required": true,
"title": "Related attribute."
},
"resource_type": {
"enum": [
"ValueConstraintExpression",
"RelatedAttributeConditionalExpression",
"EntityInstanceCountConstraintExpression",
"FieldSanityConstraintExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Represents the leaf level type expression to express constraint as\nvalue of realted attribute to the target. Uses\nConditionalValueConstraintExpression to constrain the target value\nbased on the related attribute value on the same resource.\n",
"type": "object"
}
RemainingSupportBundleNode (type)
{
"additionalProperties": false,
"id": "RemainingSupportBundleNode",
"properties": {
"node_display_name": {
"readonly": true,
"required": true,
"title": "Display name of node",
"type": "string"
},
"node_id": {
"readonly": true,
"required": true,
"title": "UUID of node",
"type": "string"
},
"status": {
"enum": [
"PENDING",
"PROCESSING"
],
"readonly": true,
"required": true,
"title": "Status of node",
"type": "string"
}
},
"type": "object"
}
RemoteFileServer (type)
{
"additionalProperties": false,
"id": "RemoteFileServer",
"module_id": "BackupConfiguration",
"properties": {
"directory_path": {
"pattern": "^\\/[\\w\\-.\\+~\\/]+$",
"required": true,
"title": "Remote server directory to copy bundle files to",
"type": "string",
"validation_msg_key": "com.vmware.nsx.validation.constraints.BackupRestore.directory_path_pattern.message"
},
"port": {
"default": 22,
"maximum": 65535,
"minimum": 1,
"title": "Server port",
"type": "integer"
},
"protocol": {
"$ref": "FileTransferProtocol,
"required": true,
"title": "Protocol to use to copy file"
},
"server": {
"format": "hostname-or-ip",
"required": true,
"title": "Remote server hostname or IP address",
"type": "string"
}
},
"title": "Remote file server",
"type": "object"
}
RemoteServerFingerprint (type)
{
"additionalProperties": false,
"id": "RemoteServerFingerprint",
"module_id": "BackupConfiguration",
"properties": {
"port": {
"default": 22,
"maximum": 65535,
"minimum": 1,
"title": "Server port",
"type": "integer"
},
"server": {
"format": "hostname-or-ip",
"required": true,
"title": "Remote server hostname or IP address",
"type": "string"
},
"ssh_fingerprint": {
"required": true,
"title": "SSH fingerprint of server",
"type": "string"
}
},
"title": "Remote server",
"type": "object"
}
RemoteServerFingerprintRequest (type)
{
"additionalProperties": false,
"id": "RemoteServerFingerprintRequest",
"module_id": "BackupConfiguration",
"properties": {
"port": {
"default": 22,
"maximum": 65535,
"minimum": 1,
"title": "Server port",
"type": "integer"
},
"server": {
"format": "hostname-or-ip",
"required": true,
"title": "Remote server hostname or IP address",
"type": "string"
}
},
"title": "Remote server",
"type": "object"
}
RemoteSiteCompatibilityInfo (type)
{
"id": "RemoteSiteCompatibilityInfo",
"module_id": "SiteManagerModule",
"properties": {
"is_compatible": {
"title": "are the 2 sites compatible",
"type": "boolean"
},
"local_site": {
"$ref": "SiteCompatibilityInfo,
"title": "local site compatibility"
},
"remote_site": {
"$ref": "SiteCompatibilityInfo,
"title": "remote site compatibility"
}
},
"type": "object"
}
RemoteSiteCredential (type)
{
"description": "Contains the information needed to communicate with another site.",
"id": "RemoteSiteCredential",
"module_id": "SiteManagerModule",
"properties": {
"address": {
"required": true,
"title": "Address of the site (IPv4:port)",
"type": "string"
},
"password": {
"required": true,
"sensitive": true,
"title": "Password of the site",
"type": "string"
},
"thumbprint": {
"required": true,
"sensitive": true,
"title": "Sha256 thumbprint of API certificate of the remote site",
"type": "string"
},
"username": {
"required": true,
"title": "Username of the site",
"type": "string"
}
},
"title": "Credential of remote site",
"type": "object"
}
RenderConfiguration (type)
{
"additionalProperties": false,
"description": "Render configuration to be applied to the widget.",
"id": "RenderConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"color": {
"description": "The color to use when rendering an entity. For example, set color as 'RED' to render a portion of donut in red.",
"title": "Color of the entity",
"type": "string"
},
"condition": {
"description": "If the condition is met then the rendering specified for the condition will be applied. Examples of expression syntax are provided under 'example_request' section of 'CreateWidgetConfiguration' API.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"display_value": {
"description": "If specified, overrides the field value. This can be used to display a meaningful value in situations where field value is not available or not configured.",
"maxLength": 255,
"title": "Overridden value to display, if any",
"type": "string"
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon
},
"minItems": 0,
"title": "Icons",
"type": "array"
},
"tooltip": {
"description": "Multi-line text to be shown on tooltip while hovering over the UI element if the condition is met.",
"items": {
"$ref": "Tooltip
},
"minItems": 0,
"title": "Multi-line tooltip",
"type": "array"
}
},
"title": "Render Configuration",
"type": "object"
}
ReorderRequest (type)
{
"additionalProperties": false,
"id": "ReorderRequest",
"module_id": "Upgrade",
"properties": {
"id": {
"readonly": false,
"required": true,
"title": "id of the upgrade unit group/upgrade unit before/after which the upgrade unit group/upgrade unit is to be placed",
"type": "string"
},
"is_before": {
"default": true,
"readonly": false,
"required": false,
"title": "flag indicating whether the upgrade unit group/upgrade unit is to be placed before or after the specified upgrade unit group/upgrade unit",
"type": "boolean"
}
},
"type": "object"
}
RepoSyncStatusReport (type)
{
"id": "RepoSyncStatusReport",
"module_id": "ClusterNodeVMDeployment",
"properties": {
"failure_code": {
"description": "In case of repo sync related failure, the code for the error will be stored here.",
"required": false,
"title": "Error code for failure",
"type": "integer"
},
"failure_message": {
"description": "In case if repo sync fails due to some issue, an error message will be stored here.",
"required": false,
"title": "Error message for failure",
"type": "string"
},
"status": {
"description": "Status of the repo sync operation on the single nsx-manager",
"enum": [
"NOT_STARTED",
"IN_PROGRESS",
"FAILED",
"SUCCESS"
],
"required": true,
"title": "Repository Synchronization Status",
"type": "string"
},
"status_message": {
"description": "Describes the steps which repo sync operation is performing currently.",
"required": false,
"title": "Status message",
"type": "string"
}
},
"type": "object"
}
ResetNodeUserOwnPasswordProperties (type)
{
"additionalProperties": false,
"id": "ResetNodeUserOwnPasswordProperties",
"properties": {
"old_password": {
"description": "If the old_password is not given, a 400 BAD REQUEST is returned with an error message.",
"required": true,
"sensitive": true,
"title": "The old password of the user",
"type": "string"
},
"password": {
"required": true,
"sensitive": true,
"title": "The new password for user",
"type": "string"
}
},
"type": "object"
}
ResetStatsRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameters that represents an enforcement point path and category. A request on statistics can be parameterized with this enforcement point path and will be evaluated as follows: - no enforcement point path specified: the request is evaluated on all enforcement points. - {enforcement_point_path}: the request is evaluated only on the given enforcement point.",
"extends": {
"$ref": "StatisticsRequestParameters
},
"id": "ResetStatsRequestParameters",
"module_id": "PolicyBaseStatistics",
"properties": {
"category": {
"description": "Aggregation statistic category to perform reset operation.",
"enum": [
"DFW",
"EDGE"
],
"required": true,
"title": "Aggregation statistic category",
"type": "string"
},
"container_cluster_path": {
"description": "Path to the container cluster entity where the request will be executed.",
"required": false,
"title": "String Path of the Container Cluster entity",
"type": "string"
},
"enforcement_point_path": {
"description": "enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
}
},
"title": "Reset Statistics Request Parameters",
"type": "object"
}
Resource (type)
{
"abstract": true,
"id": "Resource",
"module_id": "Common",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
}
},
"title": "Base class for resources",
"type": "object"
}
ResourceFieldPointer (type)
{
"additionalProperties": false,
"description": "Resource Field Pointer representing the exact value within a policy object.",
"id": "ResourceFieldPointer",
"module_id": "PolicyReaction",
"properties": {
"field_pointer": {
"description": "Field Pointer referencing the exact field within the policy object.",
"required": true,
"title": "Field Pointer",
"type": "string"
},
"path": {
"description": "Policy Path referencing a policy object. If not supplied, the field pointer will be applied to the event source.",
"title": "Resource Path",
"type": "string"
}
},
"title": "Resource Field Pointer",
"type": "object"
}
ResourceInfo (type)
{
"additionalProperties": false,
"description": "It represents the resource information which could identify resource.",
"id": "ResourceInfo",
"module_id": "PolicyTag",
"properties": {
"resource_ids": {
"description": "It will represent resource identifiers. For example, policy objects will be represented with paths and virtual machine will be represented with external ids.",
"items": {
"type": "string"
},
"required": true,
"title": "Resource identifiers",
"type": "array"
},
"resource_type": {
"description": "It will represent resource type on which tag bulk operation to be performed. Supported resource type is VirtualMachine.",
"required": true,
"title": "Resource type",
"type": "string"
}
},
"title": "Represents resources information",
"type": "object"
}
ResourceInfoListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ResourceInfoListResult",
"module_id": "PolicyFineTuning",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "PolicyFineTuningResourceInfo
},
"required": true,
"title": "Resource info list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Collection of resource info objects",
"type": "object"
}
ResourceInfoSearchParameters (type)
{
"additionalProperties": false,
"description": "This object presents additional search capabilities over any API through free text query string. e.g. type=\"FirewallRuleDto\".",
"experimental": true,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "ResourceInfoSearchParameters",
"module_id": "PolicyFineTuning",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"type": {
"required": false,
"title": "Type query",
"type": "string"
}
},
"title": "Represents search object that provides additional search capabilities",
"type": "object"
}
ResourceLink (type)
{
"additionalProperties": false,
"id": "ResourceLink",
"module_id": "Common",
"properties": {
"action": {
"readonly": true,
"title": "Optional action",
"type": "string"
},
"href": {
"readonly": true,
"required": true,
"title": "Link to resource",
"type": "string"
},
"rel": {
"description": "Custom relation type (follows RFC 5988 where appropriate definitions exist)",
"readonly": true,
"required": true,
"title": "Link relation type",
"type": "string"
}
},
"title": "A link to a related resource",
"type": "object"
}
ResourceOperation (type)
{
"additionalProperties": false,
"description": "Resource Operation is an Event Source that represents a resource that is being changed at very specific points of time, with regard to its interaction with dao layer.",
"extends": {
"$ref": "Source
},
"id": "ResourceOperation",
"module_id": "PolicyReaction",
"polymorphic-type-descriptor": {
"type-identifier": "ResourceOperation"
},
"properties": {
"operation_types": {
"description": "Operation types.",
"items": {
"$ref": "ResourceOperationType
},
"minItems": 1,
"required": true,
"title": "Operation Types",
"type": "array"
},
"resource_pointer": {
"description": "Regex path representing a regex expression on resources. This regex is used to identify the object(s) that is/are the source of the Event. For instance: specifying \"Lb* | /infra/tier-0s/vmc/ipsec-vpn-services/default\" as a source means that ANY resource starting with Lb or ANY resource with \"/infra/tier-0s/vmc/ipsec-vpn-services/default\" as path would be the source of the event in question.",
"required": true,
"title": "Resource Pointer",
"type": "string"
},
"resource_type": {
"description": "Event Source resource type.",
"enum": [
"ResourceOperation",
"ApiRequestBody"
],
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "Resource Operation",
"type": "object"
}
ResourceOperationType (type)
{
"additionalProperties": false,
"description": "Resource Operation Type represents a change in state of a resource with regard to the interaction with DAO layer: POST_CREATE: post-create change event. POST_UPDATE: post-update change event. PRE_DELETE: pre-delete change event.",
"enum": [
"POST_CREATE",
"POST_UPDATE",
"PRE_DELETE"
],
"id": "ResourceOperationType",
"module_id": "PolicyReaction",
"title": "Resource Operation Type",
"type": "string"
}
ResourceReference (type)
{
"description": "A weak reference to an NSX resource.",
"id": "ResourceReference",
"module_id": "Common",
"properties": {
"is_valid": {
"description": "Will be set to false if the referenced NSX resource has been deleted.",
"readonly": true,
"required": false,
"title": "Target validity",
"type": "boolean"
},
"target_display_name": {
"description": "Display name of the NSX resource.",
"maxLength": 255,
"readonly": true,
"required": false,
"title": "Target display name",
"type": "string"
},
"target_id": {
"description": "Identifier of the NSX resource.",
"maxLength": 64,
"readonly": false,
"required": false,
"title": "Target ID",
"type": "string"
},
"target_type": {
"description": "Type of the NSX resource.",
"maxLength": 255,
"readonly": false,
"required": false,
"title": "Target type",
"type": "string"
}
},
"type": "object"
}
ResourceSummaryDetail (type)
{
"additionalProperties": false,
"description": "Resource summary details represents list of resources for given resource type with its total count.",
"id": "ResourceSummaryDetail",
"module_id": "GmConfigOnboarding",
"properties": {
"resource_count": {
"description": "Total resource count",
"readonly": true,
"required": true,
"title": "Resource count",
"type": "integer"
},
"resource_list": {
"description": "List of homogenous resources of resource type.",
"items": {
"$ref": "OnboardingAttribute
},
"maxItems": 100,
"readonly": true,
"required": false,
"title": "Resource List",
"type": "array"
},
"resource_type": {
"description": "Policy resource entity type, for example: CommunicationMap, Group etc.",
"readonly": true,
"required": true,
"title": "Policy Resource Type",
"type": "string"
}
},
"title": "Resource Summary Detail",
"type": "object"
}
RestoreStep (type)
{
"id": "RestoreStep",
"module_id": "ClusterRestore",
"properties": {
"description": {
"readonly": true,
"required": true,
"title": "Restore step description",
"type": "string"
},
"status": {
"$ref": "PerStepRestoreStatus
},
"step_number": {
"readonly": true,
"required": true,
"title": "Restore step number",
"type": "integer"
},
"value": {
"readonly": true,
"required": true,
"title": "Restore step value",
"type": "string"
}
},
"title": "Restore step info",
"type": "object"
}
RevisionedResource (type)
{
"abstract": true,
"extends": {
"$ref": "Resource
},
"id": "RevisionedResource",
"module_id": "Common",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
}
},
"title": "A base class for types that track revisions",
"type": "object"
}
Role (type)
{
"id": "Role",
"module_id": "AAA",
"properties": {
"role": {
"description": "Short identifier for the role. Must be all lower case with no spaces.",
"pattern": "^[_a-z0-9-]+$",
"required": true,
"title": "Role identifier",
"type": "string"
},
"role_display_name": {
"description": "A short, human-friendly display name of the role.",
"required": false,
"title": "Display name for role",
"type": "string"
}
},
"title": "Role",
"type": "object"
}
RoleBinding (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "RoleBinding",
"module_id": "AAA",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"identity_source_id": {
"description": "The ID of the external identity source that holds the referenced external entity. Currently, only external LDAP and OIDC servers are allowed.",
"required": false,
"title": "ID of the external identity source",
"type": "string"
},
"identity_source_type": {
"default": "VIDM",
"enum": [
"VIDM",
"LDAP",
"OIDC"
],
"required": false,
"title": "Identity source type",
"type": "string"
},
"name": {
"readonly": true,
"required": true,
"title": "User/Group's name",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"roles": {
"description": "The roles of the user.",
"items": {
"$ref": "Role
},
"readonly": true,
"required": false,
"title": "Roles",
"type": "array"
},
"stale": {
"description": "Property 'stale' can be considered to have these values - absent - This type of rolebinding does not support stale property TRUE - Rolebinding is stale in vIDM meaning the user is no longer present in vIDM FALSE - Rolebinding is available in vIDM UNKNOWN - Rolebinding's state of staleness in unknown Once rolebindings become stale, they can be deleted using the API POST /aaa/role-bindings?action=delete_stale_bindings",
"enum": [
"TRUE",
"FALSE",
"UNKNOWN"
],
"readonly": true,
"required": false,
"title": "Stale in vIDM",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"type": {
"enum": [
"remote_user",
"remote_group",
"local_user",
"principal_identity"
],
"readonly": true,
"required": true,
"title": "Type",
"type": "string"
},
"user_id": {
"description": "Local user's numeric id on the system.",
"readonly": true,
"required": false,
"title": "Local user's numeric id",
"type": "string"
}
},
"title": "User/Group's role binding",
"type": "object"
}
RoleBindingListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "RoleBindingListResult",
"module_id": "AAA",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "RoleBinding
},
"required": true,
"title": "List results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
RoleBindingRequestParameters (type)
{
"description": "Pagination and Filtering parameters to get only a subset of users/groups.",
"extends": {
"$ref": "ListRequestParameters
},
"id": "RoleBindingRequestParameters",
"module_id": "AAA",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"identity_source_id": {
"description": "If provided, only return role bindings for the given identity source. Currently only supported for LDAP and OIDC identity source types.",
"required": false,
"title": "Identity source ID",
"type": "string"
},
"identity_source_type": {
"enum": [
"VIDM",
"LDAP",
"OIDC"
],
"required": false,
"title": "Identity source type",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"name": {
"required": false,
"title": "User/Group name",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"role": {
"required": false,
"title": "Role ID",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"type": {
"enum": [
"remote_user",
"remote_group",
"local_user",
"principal_identity"
],
"required": false,
"title": "Type",
"type": "string"
}
},
"title": "Parameters to filter list of role bindings.",
"type": "object"
}
RoleListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "RoleListResult",
"module_id": "AAA",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Role
},
"required": true,
"title": "List results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
RoleWithFeatures (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "RoleWithFeatures",
"module_id": "AAA",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"features": {
"items": {
"$ref": "FeaturePermission
},
"required": true,
"title": "Features",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"role": {
"description": "Short identifier for the role. Must be all lower case with no spaces.",
"pattern": "^[_a-z0-9-]+$",
"readonly": true,
"required": true,
"title": "Role identifier",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Role",
"type": "object"
}
RoleWithFeaturesListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "RoleWithFeaturesListResult",
"module_id": "AAA",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "RoleWithFeatures
},
"required": true,
"title": "List results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
RouteAdvertisementRule (type)
{
"additionalProperties": false,
"id": "RouteAdvertisementRule",
"module_id": "PolicyConnectivity",
"properties": {
"action": {
"default": "PERMIT",
"description": "Action to advertise filtered routes to the connected Tier0 gateway. PERMIT: Enables the advertisment DENY: Disables the advertisement",
"enum": [
"PERMIT",
"DENY"
],
"required": true,
"title": "Action to advertise routes",
"type": "string"
},
"name": {
"description": "Display name should be unique.",
"required": true,
"title": "Display name for rule",
"type": "string"
},
"prefix_operator": {
"default": "GE",
"description": "Prefix operator to filter subnets. GE prefix operator filters all the routes with prefix length greater than or equal to the subnets configured. EQ prefix operator filter all the routes with prefix length equal to the subnets configured.",
"enum": [
"GE",
"EQ"
],
"required": false,
"title": "Prefix operator to match subnets",
"type": "string"
},
"route_advertisement_types": {
"description": "Enable different types of route advertisements. When not specified, routes to IPSec VPN local-endpoint subnets (TIER1_IPSEC_LOCAL_ENDPOINT) are automatically advertised.",
"items": {
"$ref": "Tier1RouteAdvertisentTypes
},
"required": false,
"title": "Enable different types of route advertisements",
"type": "array"
},
"subnets": {
"description": "Network CIDRs to be routed.",
"items": {
"format": "ip-cidr-block",
"type": "string"
},
"required": false,
"title": "Network CIDRs",
"type": "array"
}
},
"title": "Route advertisement rules and filtering",
"type": "object"
}
RouteAggregationEntry (type)
{
"additionalProperties": false,
"id": "RouteAggregationEntry",
"module_id": "PolicyConnectivity",
"properties": {
"prefix": {
"description": "CIDR of aggregate address",
"format": "ip-cidr-block",
"required": true,
"title": "CIDR of aggregate address",
"type": "string"
},
"summary_only": {
"default": true,
"description": "Send only summarized route. Summarization reduces number of routes advertised by representing multiple related routes with prefix property.",
"required": false,
"title": "Send only summarized route",
"type": "boolean"
}
},
"title": "List of routes to be aggregated",
"type": "object"
}
RouteBasedIPSecVpnSession (type)
{
"additionalProperties": false,
"description": "A Route Based VPN is more flexible, more powerful and recommended over policy based VPN. IP Tunnel port is created and all traffic routed via tunnel port is protected. Routes can be configured statically or can be learned through BGP. A route based VPN is must for establishing redundant VPN session to remote site.",
"extends": {
"$ref": "IPSecVpnSession
},
"id": "RouteBasedIPSecVpnSession",
"module_id": "PolicyVpnIPSecVpn",
"polymorphic-type-descriptor": {
"type-identifier": "RouteBasedIPSecVpnSession"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"authentication_mode": {
"default": "PSK",
"description": "Peer authentication mode. PSK - In this mode a secret key shared between local and peer sites is to be used for authentication. The secret key can be a string with a maximum length of 128 characters. CERTIFICATE - In this mode a certificate defined at the global level is to be used for authentication.",
"enum": [
"PSK",
"CERTIFICATE"
],
"title": "Authentication Mode",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"compliance_suite": {
"description": "Compliance suite.",
"enum": [
"CNSA",
"SUITE_B_GCM_128",
"SUITE_B_GCM_256",
"PRIME",
"FOUNDATION",
"FIPS",
"NONE"
],
"title": "Compliance suite",
"type": "string"
},
"connection_initiation_mode": {
"default": "INITIATOR",
"description": "Connection initiation mode used by local endpoint to establish ike connection with peer site. INITIATOR - In this mode local endpoint initiates tunnel setup and will also respond to incoming tunnel setup requests from peer gateway. RESPOND_ONLY - In this mode, local endpoint shall only respond to incoming tunnel setup requests. It shall not initiate the tunnel setup. ON_DEMAND - In this mode local endpoint will initiate tunnel creation once first packet matching the policy rule is received and will also respond to incoming initiation request.",
"enum": [
"INITIATOR",
"RESPOND_ONLY",
"ON_DEMAND"
],
"title": "Connection initiation mode",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"dpd_profile_path": {
"description": "Policy path referencing Dead Peer Detection (DPD) profile. Default is set to system default profile.",
"title": "Dead peer detection (DPD) profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_DPD_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnDpdProfile"
]
},
{
"leftType": [
"RouteBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_DPD_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnDpdProfile"
]
}
]
},
"enabled": {
"default": true,
"description": "Enable/Disable IPSec VPN session.",
"title": "Enable/Disable IPSec VPN session",
"type": "boolean"
},
"force_whitelisting": {
"default": false,
"deprecated": true,
"description": "If true the default firewall rule Action is set to DROP, otherwise set to ALLOW. This field is deprecated and recommended to change Rule action field. Note that this field is not synchornied with default rule field.",
"required": false,
"title": "Flag to add default whitelisting Gateway Policy rule for the VTI interface.",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ike_profile_path": {
"description": "Policy path referencing IKE profile to be used. Default is set according to system default profile.",
"title": "Internet key exchange (IKE) profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_IKE_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnIkeProfile"
]
},
{
"leftType": [
"RouteBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_IKE_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnIkeProfile"
]
}
]
},
"local_endpoint_path": {
"description": "Policy path referencing Local endpoint. This property is mandatory on LM. It is required on GM only in case of site_overrides property not provided.",
"required": false,
"title": "Local endpoint path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_LOCAL_ENDPOINT_RELATIONSHIP",
"rightType": [
"IPSecVpnLocalEndpoint"
]
},
{
"leftType": [
"RouteBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_LOCAL_ENDPOINT_RELATIONSHIP",
"rightType": [
"IPSecVpnLocalEndpoint"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"peer_address": {
"description": "Public IPV4 address of the remote device terminating the VPN connection. This property is mandatory on LM. It is required on GM only in case of site_overrides property not provided.",
"required": false,
"title": "IPV4 address of peer endpoint on remote site",
"type": "string"
},
"peer_id": {
"description": "Peer ID to uniquely identify the peer site. The peer ID is the public IP address of the remote device terminating the VPN tunnel. When NAT is configured for the peer, enter the private IP address of the peer. This property is mandatory on LM. It is required on GM only in case of site_overrides property not provided.",
"required": false,
"title": "Peer id",
"type": "string"
},
"psk": {
"description": "IPSec Pre-shared key. Maximum length of this field is 128 characters.",
"sensitive": true,
"title": "Pre-shared key",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"$ref": "IPSecVpnSessionResourceType,
"required": true
},
"site_overrides": {
"description": "A collection of site specific attributes specificed only on GM",
"items": {
"$ref": "SiteOverride
},
"maxItems": 128,
"required": false,
"title": "SiteOverride list",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_mss_clamping": {
"$ref": "TcpMaximumSegmentSizeClamping,
"description": "TCP Maximum Segment Size Clamping Direction and Value.",
"title": "TCP MSS Clamping"
},
"tunnel_interfaces": {
"description": "IP Tunnel interfaces. This property is mandatory on LM. It is required on GM only in case of site_overrides property not provided.",
"items": {
"$ref": "IPSecVpnTunnelInterface
},
"maxItems": 1,
"minItems": 1,
"required": false,
"title": "IP Tunnel interfaces",
"type": "array"
},
"tunnel_profile_path": {
"description": "Policy path referencing Tunnel profile to be used. Default is set to system default profile.",
"title": "IPSec tunnel profile path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"PolicyBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_TUNNEL_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnTunnelProfile"
]
},
{
"leftType": [
"RouteBasedIPSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_TUNNEL_PROFILE_RELATIONSHIP",
"rightType": [
"IPSecVpnTunnelProfile"
]
}
]
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Route based VPN session",
"type": "object"
}
RouteBasedL3VpnSession (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"description": "A Route Based L3Vpn is more flexible, more powerful and recommended over policy based. IP Tunnel subnet is created and all traffic routed through tunnel subnet is sent over tunnel. Routes can be learned through BGP. A route based L3Vpn is required when using redundant L3Vpn.",
"extends": {
"$ref": "L3VpnSession
},
"id": "RouteBasedL3VpnSession",
"module_id": "PolicyL3Vpn",
"polymorphic-type-descriptor": {
"type-identifier": "RouteBasedL3VpnSession"
},
"properties": {
"default_rule_logging": {
"default": false,
"description": "Indicates if logging should be enabled for the default whitelisting rule for the VTI interface.",
"required": false,
"title": "Enable logging for whitelisted rule for the VTI interface",
"type": "boolean"
},
"force_whitelisting": {
"default": false,
"description": "The default firewall rule Action is set to DROP if true otherwise set to ALLOW.",
"required": false,
"title": "Flag to add default whitelisting FW rule for the VTI interface.",
"type": "boolean"
},
"resource_type": {
"$ref": "L3VpnSessionResourceType,
"required": true
},
"routing_config_path": {
"deprecated": true,
"description": "This is a deprecated field. Any specified value is not saved and will be ignored.",
"title": "Routing configuration policy path",
"type": "string"
},
"tunnel_subnets": {
"description": "Virtual tunnel interface (VTI) port IP subnets to be used to configure route-based L3Vpn session. A max of one tunnel subnet is allowed.",
"items": {
"$ref": "TunnelSubnet
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "Virtual Tunnel Interface (VTI) IP subnets",
"type": "array",
"uniqueItems": true
}
},
"title": "Route based L3Vpn Session",
"type": "object"
}
RouteDetails (type)
{
"additionalProperties": false,
"description": "BGP route details.",
"id": "RouteDetails",
"module_id": "AggSvcLogicalRouter",
"properties": {
"as_path": {
"description": "BGP AS path attribute.",
"readonly": true,
"required": false,
"title": "AS path",
"type": "string"
},
"local_pref": {
"description": "BGP Local Preference attribute.",
"readonly": true,
"required": false,
"title": "Local preference",
"type": "integer"
},
"med": {
"description": "BGP Multi Exit Discriminator attribute.",
"readonly": true,
"required": false,
"title": "Multi Exit Discriminator",
"type": "integer"
},
"network": {
"$ref": "IPCIDRBlock,
"description": "CIDR network address.",
"readonly": true,
"required": true,
"title": "CIDR network address"
},
"next_hop": {
"$ref": "IPAddress,
"description": "Next hop IP address.",
"readonly": true,
"required": false,
"title": "Next hop IP address"
},
"weight": {
"description": "BGP Weight attribute.",
"readonly": true,
"required": false,
"title": "Weight",
"type": "integer"
}
},
"title": "BGP route details",
"type": "object"
}
RouteMapEntry (type)
{
"additionalProperties": false,
"id": "RouteMapEntry",
"module_id": "PolicyConnectivity",
"properties": {
"action": {
"description": "Action for the route map entry",
"enum": [
"PERMIT",
"DENY"
],
"required": true,
"title": "Action for the route map entry",
"type": "string"
},
"community_list_matches": {
"description": "Community list match criteria for route map. Properties community_list_matches and prefix_list_matches are mutually exclusive and cannot be used in the same route map entry.",
"items": {
"$ref": "CommunityMatchCriteria
},
"required": false,
"title": "Community list match criteria",
"type": "array"
},
"prefix_list_matches": {
"description": "Prefix list match criteria for route map. Properties community_list_matches and prefix_list_matches are mutually exclusive and cannot be used in the same route map entry.",
"items": {
"type": "string"
},
"maxItems": 500,
"required": false,
"title": "Prefix list match criteria",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier0RouteMap"
],
"relationshipType": "ROUTEMAP_PREFIX_LIST_RELATIONSHIP",
"rightType": [
"PrefixList"
]
}
]
},
"set": {
"$ref": "RouteMapEntrySet,
"description": "Set criteria for route map entry",
"required": false,
"title": "Set criteria for route map entry"
}
},
"title": "Route map entry",
"type": "object"
}
RouteMapEntrySet (type)
{
"additionalProperties": false,
"id": "RouteMapEntrySet",
"module_id": "PolicyConnectivity",
"properties": {
"as_path_prepend": {
"description": "AS path prepend to influence route selection.",
"required": false,
"title": "AS path prepend to influence route selection",
"type": "string"
},
"community": {
"description": "Set BGP regular or large community for matching routes. A maximum of one value for each community type separated by space. Well-known community name, community value in aa:nn (2byte:2byte) format for regular community and community value in aa:bb:nn (4byte:4byte:4byte) format for large community are supported.",
"required": false,
"title": "Set BGP community",
"type": "string"
},
"local_preference": {
"default": 100,
"description": "Local preference indicates the degree of preference for one BGP route over other BGP routes. The path with highest local preference is preferred.",
"maximum": 4294967295,
"title": "Local preference to set for matching BGP routes",
"type": "integer"
},
"med": {
"description": "Multi exit descriminator (MED) is a hint to BGP neighbors about the preferred path into an autonomous system (AS) that has multiple entry points. A lower MED value is preferred over a higher value.",
"maximum": 4294967295,
"minimum": 0,
"required": false,
"title": "Multi exit descriminator",
"type": "int"
},
"prefer_global_v6_next_hop": {
"description": "For incoming and import route_maps on receiving both v6 global and v6 link-local address for the route, prefer to use the global address as the next hop. By default, it prefers the link-local next hop.",
"required": false,
"title": "Prefer global v6 next hop over local next hop",
"type": "boolean"
},
"weight": {
"description": "Weight is used to select a route when multiple routes are available to the same network. Route with the highest weight is preferred.",
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Weight used to select certain path",
"type": "int"
}
},
"title": "Set criteria for route map entry",
"type": "object"
}
RouterLinkRuntimeRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "RouterLinkRuntimeRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"edge_path": {
"description": "Policy path of edge node. Edge should be member of enforcement point. It is mandantory for router link interface statistics and ARP-table APIs.",
"title": "Policy path of edge node",
"type": "string"
},
"enforcement_point_path": {
"description": "Enforcement point path.",
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"tier1_path": {
"description": "Policy path of tier1.",
"required": true,
"title": "Policy path of tier1",
"type": "string"
}
},
"title": "Router link runtime status request parameters",
"type": "object"
}
RouterNexthop (type)
{
"additionalProperties": false,
"id": "RouterNexthop",
"module_id": "PolicyConnectivity",
"properties": {
"admin_distance": {
"default": 1,
"description": "Cost associated with next hop route",
"maximum": 255,
"minimum": 1,
"required": false,
"title": "Cost associated with next hop route",
"type": "int"
},
"ip_address": {
"$ref": "IPAddress,
"description": "Next hop gateway IP address",
"required": false,
"title": "Next hop gateway IP address"
},
"scope": {
"description": "Interface path associated with current route. For example: specify a policy path referencing the IPSec VPN Session.",
"items": {
"type": "string"
},
"minItems": 1,
"required": false,
"title": "Interface path associated with current route",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"StaticRoutes"
],
"relationshipType": "PROVIDER_INTERFACE_STATIC_ROUTE_RELATIONSHIP",
"rightType": [
"IPSecVpnSession",
"Tier1Interface",
"Tier0Interface",
"Segment",
"LocaleServices",
"Tier0"
]
}
]
}
},
"title": "Next hop configuration for network",
"type": "object"
}
RoutesPerTransportNode (type)
{
"additionalProperties": false,
"description": "BGP routes per transport node.",
"id": "RoutesPerTransportNode",
"module_id": "AggSvcLogicalRouter",
"properties": {
"routes": {
"description": "Array of BGP neighbor route details for this transport node.",
"items": {
"$ref": "RouteDetails
},
"readonly": true,
"required": false,
"title": "BGP neighbor route details",
"type": "array"
},
"source_address": {
"$ref": "IPAddress,
"description": "BGP neighbor source address.",
"readonly": true,
"required": false,
"title": "BGP neighbor source address"
},
"transport_node_id": {
"readonly": true,
"required": true,
"title": "Transport node id",
"type": "string"
}
},
"title": "Routes per transport node",
"type": "object"
}
RoutesRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "BaseListRequestParameters
},
"id": "RoutesRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"edge_id": {
"description": "UUID of edge node. Edge should be member of enforcement point.",
"title": "UUID of edge node",
"type": "string"
},
"edge_path": {
"description": "Policy path of edge node. Edge should be member of enforcement point.",
"title": "Policy path of edge node",
"type": "string"
},
"enforcement_point_path": {
"description": "String Path of the enforcement point. When not specified, routes from all enforcement-points are returned. This property is required for retrieving routes in CSV format.",
"title": "Enforcement point path",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"network_prefix": {
"$ref": "IPAddressOrCIDRBlock,
"description": "IPAddress or CIDR network address to filter entries in the table.",
"title": "Network address filter parameter"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"route_source": {
"description": "Filter routes based on the source from which route is learned.",
"enum": [
"BGP",
"STATIC",
"CONNECTED",
"OSPF"
],
"title": "Filter routes based on the source from which route is learned",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Routes request parameters",
"type": "object"
}
RoutingEntry (type)
{
"additionalProperties": false,
"description": "Routing table entry.",
"id": "RoutingEntry",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"admin_distance": {
"description": "Admin distance.",
"readonly": true,
"title": "Admin distance",
"type": "int"
},
"interface": {
"required": false,
"title": "The policy path of the interface which is used as the next hop",
"type": "string"
},
"lr_component_id": {
"required": false,
"title": "Logical router component(Service Router/Distributed Router) id",
"type": "string"
},
"lr_component_type": {
"required": false,
"title": "Logical router component(Service Router/Distributed Router) type",
"type": "string"
},
"network": {
"description": "Network CIDR.",
"readonly": true,
"title": "Network CIDR",
"type": "string"
},
"next_hop": {
"$ref": "IPAddress,
"description": "Next hop address.",
"readonly": true,
"title": "Next hop address"
},
"route_type": {
"description": "Route type in routing table. t0c - Tier-0 Connected t0s - Tier-0 Static b - BGP t0n - Tier-0 NAT t1s - Tier-1 Static t1c - Tier-1 Connected t1n: Tier-1 NAT t1l: Tier-1 LB VIP t1ls: Tier-1 LB SNAT t1d: Tier-1 DNS FORWARDER t1ipsec: Tier-1 IPSec isr: Inter-SR",
"readonly": true,
"title": "Route type (USER, CONNECTED, NSX_INTERNAL,..)",
"type": "string"
}
},
"title": "Routing table entry",
"type": "object"
}
RoutingTable (type)
{
"additionalProperties": false,
"description": "Routing table.",
"id": "RoutingTable",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"count": {
"description": "Entry count.",
"readonly": true,
"title": "Entry count",
"type": "int"
},
"edge_node": {
"description": "Transport node ID.",
"readonly": true,
"title": "Transport node ID",
"type": "string"
},
"error_message": {
"description": "Routing table fetch error message, populated only if status if failure.",
"readonly": true,
"title": "Routing table fetch error.",
"type": "string"
},
"route_entries": {
"description": "Route entries.",
"items": {
"$ref": "RoutingEntry
},
"required": true,
"title": "Route entries",
"type": "array"
},
"status": {
"description": "Routing table fetch status from Transport node.",
"enum": [
"SUCCESS",
"FAILURE",
"NOT_FOUND"
],
"readonly": true,
"title": "Routing table fetch status.",
"type": "string"
}
},
"title": "Routing table",
"type": "object"
}
RoutingTableListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "RoutingTableListResult",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Paged Collection of Routes per transport node ID.",
"items": {
"$ref": "RoutingTable,
"title": "Routing table"
},
"required": false,
"title": "Paged Collection of Routes per transport node ID",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
RowListField (type)
{
"additionalProperties": false,
"description": "Root of the api result set for forming rows.",
"id": "RowListField",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"alias": {
"description": "Short name or alias of row list field, if any. If unspecified, the row list field can be referenced by its index in the array of row list fields as $<index> (for example, $0).",
"maxLength": 255,
"title": "Alias Name",
"type": "string"
},
"path": {
"description": "JSON path to the root of the api result set for forming rows.",
"maxLength": 1024,
"required": true,
"title": "JSON path",
"type": "string"
}
},
"title": "List of fields from which rows are formed",
"type": "object"
}
RpAddressMulticastRanges (type)
{
"additionalProperties": false,
"description": "Static IPv4 multicast address and assciated multicast group ranges.",
"id": "RpAddressMulticastRanges",
"module_id": "PolicyMulticast",
"properties": {
"multicast_ranges": {
"description": "Assciated multicast group ranges configuration.",
"items": {
"$ref": "IPCIDRBlock
},
"required": false,
"title": "Assciated multicast group ranges configuration",
"type": "array"
},
"rp_address": {
"$ref": "IPAddress,
"description": "Static IPv4 multicast address configuration.",
"required": true,
"title": "Static IPv4 multicast address configuration"
}
},
"title": "Static IPv4 multicast address and assciated multicast group ranges",
"type": "object"
}
Rule (type)
{
"additionalProperties": false,
"description": "A rule indicates the action to be performed for various types of traffic flowing between workload groups.",
"extends": {
"$ref": "BaseRule
},
"id": "Rule",
"module_id": "Policy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"action": {
"description": "The action to be applied to all the services The JUMP_TO_APPLICATION action is only supported for rules created in the Environment category. Once a match is hit then the rule processing will jump to the rules present in the Application category, skipping all further rules in the Environment category. If no rules match in the Application category then the default application rule will be hit. This is applicable only for DFW.",
"enum": [
"ALLOW",
"DROP",
"REJECT",
"JUMP_TO_APPLICATION"
],
"required": false,
"title": "Action",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destination_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Destination group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"destinations_excluded": {
"default": false,
"description": "If set to true, the rule gets applied on all the groups that are NOT part of the destination groups. If false, the rule applies to the destination groups",
"readonly": false,
"required": false,
"title": "Negation of destination groups",
"type": "boolean"
},
"direction": {
"default": "IN_OUT",
"description": "Define direction of traffic.",
"enum": [
"IN",
"OUT",
"IN_OUT"
],
"required": false,
"title": "Direction",
"type": "string"
},
"disabled": {
"default": false,
"description": "Flag to disable the rule. Default is enabled.",
"readonly": false,
"required": false,
"title": "Flag to disable the rule",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_protocol": {
"description": "Type of IP packet that should be matched while enforcing the rule. The value is set to IPV4_IPV6 for Layer3 rule if not specified. For Layer2/Ether rule the value must be null.",
"enum": [
"IPV4",
"IPV6",
"IPV4_IPV6"
],
"readonly": false,
"required": false,
"title": "IPv4 vs IPv6 packet type",
"type": "string"
},
"is_default": {
"description": "A flag to indicate whether rule is a default rule.",
"readonly": true,
"required": false,
"title": "Default rule flag",
"type": "boolean"
},
"logged": {
"default": false,
"description": "Flag to enable packet logging. Default is disabled.",
"readonly": false,
"required": false,
"title": "Enable logging flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"notes": {
"description": "Text for additional notes on changes.",
"maxLength": 2048,
"readonly": false,
"required": false,
"title": "Text for additional notes on changes",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profiles": {
"description": "Holds the list of layer 7 service profile paths. These profiles accept attributes and sub-attributes of various network services (e.g. L4 AppId, encryption algorithm, domain name, etc) as key value pairs. Instead of Layer 7 service profiles you can use a L7 access profile. One of either Layer 7 service profiles or L7 Access Profile can be used in firewall rule. In case of L7 access profile only one is allowed.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Layer 7 service profiles or TLS action profile",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_CONTEXT_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyContextProfile"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_CONTEXT_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyContextProfile"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_IDS_PROFILE_RELATIONSHIP",
"rightType": [
"IdsProfile",
"IdsProfile"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_id": {
"description": "This is a unique 4 byte positive number that is assigned by the system. This rule id is passed all the way down to the data path. The first 1GB (1000 to 2^30) will be shared by GM and LM with zebra style striped number space. For E.g 1000 to (1Million -1) by LM, (1M - 2M-1) by GM and so on.",
"readonly": true,
"required": false,
"title": "Unique rule ID",
"type": "integer"
},
"scope": {
"description": "The list of policy paths where the rule is applied LR/Edge/T0/T1/LRP etc. Note that a given rule can be applied on multiple LRs/LRPs.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier0Interface",
"Tier1Interface",
"Tier0",
"Tier1",
"IPSecVpnSession",
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier1Interface",
"Tier0",
"Tier1Interface",
"Tier1",
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier1Interface",
"Tier0",
"Tier1Interface",
"Tier1",
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between multiple Rules under Security or Gateway Policy for a Domain If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple rules with the same sequence number then their order is not deterministic. If a specific order of rules is desired, then one has to specify unique sequence numbers or use the POST request on the rule entity with a query parameter action=revise to let the framework assign a sequence number",
"minimum": 0,
"required": false,
"title": "Sequence number of the this Rule",
"type": "int"
},
"service_entries": {
"description": "In order to specify raw services this can be used, along with services which contains path to services. This can be empty or null.",
"items": {
"$ref": "ServiceEntry
},
"maxItems": 128,
"required": false,
"title": "Raw services",
"type": "array"
},
"services": {
"description": "In order to specify all services, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the services array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Names of services",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"source_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Source group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"sources_excluded": {
"default": false,
"description": "If set to true, the rule gets applied on all the groups that are NOT part of the source groups. If false, the rule applies to the source groups",
"readonly": false,
"required": false,
"title": "Negation of source groups",
"type": "boolean"
},
"tag": {
"description": "User level field which will be printed in CLI and packet logs. Even though there is no limitation on length of a tag, internally tag will get truncated after 32 characters.",
"required": false,
"title": "Tag applied on the rule",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "A rule specifies the security policy rule between the workload groups",
"type": "object"
}
RuleInsertParameters (type)
{
"description": "Parameters to let the admin specify a relative position of a rule w.r.t to another one in the same security policy. If the rule specified in the anchor_path belongs to another security policy an error will be thrown.",
"extends": {
"$ref": "PolicyInsertParameters
},
"id": "RuleInsertParameters",
"module_id": "Policy",
"properties": {
"anchor_path": {
"required": false,
"title": "The security policy/rule path if operation is 'insert_after' or\n'insert_before'\n",
"type": "string"
},
"operation": {
"default": "insert_top",
"enum": [
"insert_top",
"insert_bottom",
"insert_after",
"insert_before"
],
"required": false,
"title": "Operation",
"type": "string"
}
},
"title": "Parameters to tell where rule needs to be placed",
"type": "object"
}
RuleListRequestParameters (type)
{
"additionalProperties": false,
"description": "By default, if sort_by is missing, then rules will be sorted based on sequence_number and then on rule_id as second level sorting criteria.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "RuleListRequestParameters",
"module_id": "Policy",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Rule list request parameters",
"type": "object"
}
RuleListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "BaseRuleListResult
},
"id": "RuleListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Rule
},
"required": true,
"title": "Rule list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Rules",
"type": "object"
}
RuleStatistics (type)
{
"extends": {
"$ref": "Resource
},
"id": "RuleStatistics",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"byte_count": {
"description": "Aggregated number of bytes processed by the rule.",
"readonly": true,
"required": false,
"title": "Bytes count",
"type": "integer"
},
"hit_count": {
"description": "Aggregated number of hits received by the rule.",
"readonly": true,
"required": false,
"title": "Hits count",
"type": "integer"
},
"internal_rule_id": {
"description": "Realized id of the rule on NSX MP. Policy Manager can create more than one rule per policy rule, in which case this identifier helps to distinguish between the multple rules created.",
"readonly": true,
"required": false,
"title": "NSX internal rule id",
"type": "string"
},
"l7_accept_count": {
"description": "Aggregated number of L7 Profile Accepted counters received by the rule.",
"readonly": true,
"required": false,
"title": "L7 Accept count",
"type": "integer"
},
"l7_reject_count": {
"description": "Aggregated number of L7 Profile Rejected counters received by the rule.",
"readonly": true,
"required": false,
"title": "L7 Reject count",
"type": "integer"
},
"l7_reject_with_response_count": {
"description": "Aggregated number of L7 Profile Rejected with Response counters received by the rule.",
"readonly": true,
"required": false,
"title": "L7 Reject with response count",
"type": "integer"
},
"lr_path": {
"description": "Path of the LR on which the section is applied in case of Edge FW.",
"readonly": true,
"required": false,
"title": "Logical Router (Tier-0/Tier1) path",
"type": "string"
},
"max_popularity_index": {
"description": "Maximum value of popularity index of all rules of the type. This is aggregated statistic which are computed with lower frequency compared to individual generic rule statistics. It may have a computation delay up to 15 minutes in response to this API.",
"readonly": true,
"required": false,
"title": "The maximum popularity index",
"type": "integer"
},
"max_session_count": {
"description": "Maximum value of sessions count of all rules of the type. This is aggregated statistic which are computed with lower frequency compared to generic rule statistics. It may have a computation delay up to 15 minutes in response to this API.",
"readonly": true,
"required": false,
"title": "Maximum Sessions count",
"type": "integer"
},
"packet_count": {
"description": "Aggregated number of packets processed by the rule.",
"readonly": true,
"required": false,
"title": "Packets count",
"type": "integer"
},
"popularity_index": {
"description": "This is calculated by sessions count divided by age of the rule.",
"readonly": true,
"required": false,
"title": "The index of the popularity of rule",
"type": "integer"
},
"rule": {
"description": "Path of the rule.",
"readonly": true,
"required": false,
"title": "Rule path",
"type": "string"
},
"session_count": {
"description": "Aggregated number of sessions processed by the rule.",
"readonly": true,
"required": false,
"title": "sessions count",
"type": "integer"
},
"total_session_count": {
"description": "Aggregated number of sessions processed by all the rules This is aggregated statistic which are computed with lower frequency compared to individual generic rule statistics. It may have a computation delay up to 15 minutes in response to this API.",
"readonly": true,
"required": false,
"title": "Total Sessions count",
"type": "integer"
}
},
"type": "object"
}
RuleStatisticsForEnforcementPoint (type)
{
"description": "Rule statistics for a specfic enforcement point.",
"id": "RuleStatisticsForEnforcementPoint",
"module_id": "Policy",
"properties": {
"container_cluster_path": {
"description": "Rule statistics for a single container cluster",
"readonly": true,
"required": false,
"title": "Cluster container path",
"type": "string"
},
"enforcement_point": {
"description": "Rule statistics for a single enforcement point",
"readonly": true,
"required": false,
"title": "Enforcement point path",
"type": "string"
},
"statistics": {
"$ref": "RuleStatistics,
"description": "Statistics for the specified enforcement point",
"readonly": true,
"required": false,
"title": "Rule Statistics"
}
},
"title": "Rule statistics for an enforcement point",
"type": "object"
}
RuleStatisticsListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "RuleStatisticsListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "RuleStatisticsForEnforcementPoint
},
"required": true,
"title": "RuleStatistics list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of rule statistics",
"type": "object"
}
RuntimeState (type)
{
"additionalProperties": false,
"description": "Runtime State.",
"enum": [
"UNINITIALIZED",
"UNKNOWN",
"UP",
"DOWN",
"DEGRADED",
"SUCCESS",
"FAILURE",
"IN_PROGRESS"
],
"id": "RuntimeState",
"module_id": "PolicyRealizationStatus",
"title": "Runtime State",
"type": "string"
}
ScpProtocol (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Protocol
},
"id": "ScpProtocol",
"polymorphic-type-descriptor": {
"type-identifier": "scp"
},
"properties": {
"authentication_scheme": {
"$ref": "PasswordAuthenticationScheme,
"required": true,
"title": "Scheme to authenticate if required"
},
"name": {
"enum": [
"http",
"https",
"scp",
"sftp"
],
"required": true,
"title": "Protocol name",
"type": "string"
},
"ssh_fingerprint": {
"required": true,
"title": "SSH fingerprint of server",
"type": "string"
}
},
"type": "object"
}
SearchQueryRequest (type)
{
"additionalProperties": false,
"description": "Search query request.",
"extends": {
"$ref": "ListRequestParameters
},
"id": "SearchQueryRequest",
"module_id": "Search",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"query": {
"description": "The syntax of query is described in Search API documentation.",
"required": true,
"title": "Search query",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "SearchQueryRequest",
"type": "object"
}
SearchResponse (type)
{
"additionalProperties": false,
"description": "Search response",
"extends": {
"$ref": "ListResult
},
"id": "SearchResponse",
"module_id": "Search",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "List of records matching the search query.",
"items": {
"type": "object"
},
"readonly": true,
"title": "Search results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "SearchResponse",
"type": "object"
}
SecurityFeature (type)
{
"additionalProperties": false,
"extends": {
"$ref": "SecurityFeatureBase
},
"id": "SecurityFeature",
"module_id": "PolicyGatewaySecurityFeature",
"properties": {
"enable": {
"default": false,
"description": "true - enable the feature, false - disable the feture",
"required": true,
"title": "Flag to enable/disable",
"type": "boolean"
},
"feature": {
"$ref": "SecurityFeaturesSupported,
"required": true
}
},
"title": "T1 Security feature entity with feature details",
"type": "object"
}
SecurityFeatureBase (type)
{
"additionalProperties": false,
"id": "SecurityFeatureBase",
"module_id": "PolicyGatewaySecurityFeature",
"properties": {
"enable": {
"default": false,
"description": "true - enable the feature, false - disable the feture",
"required": true,
"title": "Flag to enable/disable",
"type": "boolean"
}
},
"title": "Security Feature feature entity",
"type": "object"
}
SecurityFeatures (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "SecurityFeatures",
"module_id": "PolicyGatewaySecurityFeature",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"features": {
"items": {
"$ref": "SecurityFeature
},
"required": true,
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "T1 Security features entity with feature details",
"type": "object"
}
SecurityFeaturesSupported (type)
{
"description": "Feature to be enabled/disabled. IDPS - Intrusion Detection System TLS - Transport Layer Security Inspection MALWAREPREVENTION - Malware Prevention Use any one of this to enable/disabe it.",
"enum": [
"MALWAREPREVENTION",
"IDFW",
"IDPS",
"TLS"
],
"id": "SecurityFeaturesSupported",
"module_id": "PolicyGatewaySecurityFeature",
"readonly": true,
"required": false,
"title": "Collection of T1 supported security features",
"type": "string"
}
SecurityPolicy (type)
{
"description": "Ordered list of Rules.",
"extends": {
"$ref": "Policy
},
"id": "SecurityPolicy",
"module_id": "Policy",
"policy_hierarchical_children": [
"ChildRule"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"application_connectivity_strategy": {
"description": "This field indicates the application connectivity policy for the security policy.",
"items": {
"$ref": "ApplicationConnectivityStrategy
},
"maxItems": 3,
"required": false,
"title": "List of Application Connectivity strategy for this SecurityPolicy",
"type": "array"
},
"category": {
"description": "- Distributed Firewall - Policy framework provides five pre-defined categories for classifying a security policy. They are \"Ethernet\",\"Emergency\", \"Infrastructure\" \"Environment\" and \"Application\". There is a pre-determined order in which the policy framework manages the priority of these security policies. Ethernet category is for supporting layer 2 firewall rules. The other four categories are applicable for layer 3 rules. Amongst them, the Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a security policy into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four categories. - Edge Firewall - Policy Framework for Edge Firewall provides six pre-defined categories \"Emergency\", \"SystemRules\", \"SharedPreRules\", \"LocalGatewayRules\", \"AutoServiceRules\" and \"Default\", in order of priority of rules. All categories are allowed for Gatetway Policies that belong to 'default' Domain. However, for user created domains, category is restricted to \"SharedPreRules\" or \"LocalGatewayRules\" only. Also, the users can add/modify/delete rules from only the \"SharedPreRules\" and \"LocalGatewayRules\" categories. If user doesn't specify the category then defaulted to \"Rules\". System generated category is used by NSX created rules, for example BFD rules. Autoplumbed category used by NSX verticals to autoplumb data path rules. Finally, \"Default\" category is the placeholder default rules with lowest in the order of priority.",
"required": false,
"title": "A way to classify a security policy, if needed.",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"comments": {
"description": "Comments for security policy lock/unlock.",
"readonly": false,
"required": false,
"title": "SecurityPolicy lock/unlock comments",
"type": "string"
},
"connectivity_preference": {
"description": "This field indicates the default connectivity policy for the security policy. Based on the connectivitiy preference, a default rule for this security policy will be created. An appropriate action will be set on the rule based on the value of the connectivity preference. If NONE is selected or no connectivity preference is specified, then no default rule for the security policy gets created. The default rule that gets created will be a any-any rule and applied to entities specified in the scope of the security policy. Specifying the connectivity_preference without specifying the scope is not allowed. The scope has to be a Group and one cannot specify IPAddress directly in the group that is used as scope. This default rule is only applicable for the Layer3 security policies. ALLOWLIST - Adds a default drop rule. Administrator can then use \"allow\" rules to allow traffic between groups DENYLIST - Adds a default allow rule. Admin can then use \"drop\" rules to block traffic between groups ALLOWLIST_ENABLE_LOGGING - Allowlisting with logging enabled DENYLIST_ENABLE_LOGGING - Denylisting with logging enabled NONE - No default rule is created.",
"enum": [
"ALLOWLIST",
"DENYLIST",
"ALLOWLIST_ENABLE_LOGGING",
"DENYLIST_ENABLE_LOGGING",
"NONE"
],
"required": false,
"title": "Connectivity preference applicable for this SecurityPolicy",
"type": "string"
},
"connectivity_strategy": {
"deprecated": true,
"description": "This field indicates the default connectivity policy for the security policy. Based on the connectivity strategy, a default rule for this security policy will be created. An appropriate action will be set on the rule based on the value of the connectivity strategy. If NONE is selected or no connectivity strategy is specified, then no default rule for the security policy gets created. The default rule that gets created will be a any-any rule and applied to entities specified in the scope of the security policy. Specifying the connectivity_strategy without specifying the scope is not allowed. The scope has to be a Group and one cannot specify IPAddress directly in the group that is used as scope. This default rule is only applicable for the Layer3 security policies. This property is deprecated. Use the type connectivity_preference instead. WHITELIST - Adds a default drop rule. Administrator can then use \"allow\" rules (aka whitelist) to allow traffic between groups BLACKLIST - Adds a default allow rule. Admin can then use \"drop\" rules (aka blacklist) to block traffic between groups WHITELIST_ENABLE_LOGGING - Whitelising with logging enabled BLACKLIST_ENABLE_LOGGING - Blacklisting with logging enabled NONE - No default rule is created.",
"enum": [
"WHITELIST",
"BLACKLIST",
"WHITELIST_ENABLE_LOGGING",
"BLACKLIST_ENABLE_LOGGING",
"NONE"
],
"required": false,
"title": "Connectivity strategy applicable for this SecurityPolicy",
"type": "string"
},
"default_rule_id": {
"description": "Based on the value of the connectivity strategy, a default rule is created for the security policy. The rule id is internally assigned by the system for this default rule.",
"readonly": true,
"required": false,
"title": "Default rule ID associated with the connectivity_preference",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"internal_sequence_number": {
"description": "This field is to indicate the internal sequence number of a policy with respect to the policies across categories.",
"readonly": true,
"title": "Internal sequence number",
"type": "int"
},
"is_default": {
"description": "A flag to indicate whether policy is a default policy.",
"readonly": true,
"required": false,
"title": "Default policy flag",
"type": "boolean"
},
"lock_modified_by": {
"description": "ID of the user who last modified the lock for the secruity policy.",
"readonly": true,
"required": false,
"title": "User who locked the security policy",
"type": "string"
},
"lock_modified_time": {
"$ref": "EpochMsTimestamp,
"description": "SecurityPolicy locked/unlocked time in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "SecuirtyPolicy locked/unlocked time"
},
"locked": {
"default": false,
"description": "Indicates whether a security policy should be locked. If the security policy is locked by a user, then no other user would be able to modify this security policy. Once the user releases the lock, other users can update this security policy.",
"required": false,
"title": "Lock a security policy",
"type": "boolean"
},
"logging_enabled": {
"default": false,
"deprecated": true,
"description": "This property is deprecated. Flag to enable logging for all the rules in the security policy. If the value is true then logging will be enabled for all the rules in the security policy. If the value is false, then the rule level logging value will be honored.",
"readonly": false,
"required": false,
"title": "Enable logging flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_count": {
"description": "The count of rules in the policy.",
"readonly": true,
"title": "Rule count",
"type": "int"
},
"rules": {
"items": {
"$ref": "Rule
},
"required": false,
"title": "Rules that are a part of this SecurityPolicy",
"type": "array"
},
"scheduler_path": {
"description": "Provides a mechanism to apply the rules in this policy for a specified time duration.",
"readonly": false,
"required": false,
"title": "Path to the scheduler for time based scheduling",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SECURITY_POLICY_SCHEDULER_RELATIONSHIP",
"rightType": [
"PolicyFirewallScheduler"
]
}
]
},
"scope": {
"description": "The list of group paths where the rules in this policy will get applied. This scope will take precedence over rule level scope. Supported only for security and redirection policies. In case of RedirectionPolicy, it is expected only when the policy is NS and redirecting to service chain.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"PolicyLabel"
]
},
{
"leftType": [
"RedirectionPolicy"
],
"relationshipType": "REDIRECTION_COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"Tier1",
"Tier0"
]
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between security policies across domains. In order to change the sequence number of a policy one can fire a POST request on the policy entity with a query parameter action=revise The sequence number field will reflect the value of the computed sequence number upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several security policies, the only way to set the sequence number is to explicitly specify the sequence number for each security policy. If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple policies with the same sequence number then their order is not deterministic. If a specific order of policies is desired, then one has to specify unique sequence numbers or use the POST request on the policy entity with a query parameter action=revise to let the framework assign a sequence number. The value of sequence number must be between 0 and 999,999.",
"minimum": 0,
"title": "Sequence number to resolve conflicts across Domains",
"type": "int"
},
"stateful": {
"description": "Stateful or Stateless nature of security policy is enforced on all rules in this security policy. When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Layer3 security policies can be stateful or stateless. By default, they are stateful. Layer2 security policies can only be stateless.",
"readonly": false,
"required": false,
"title": "Stateful nature of the entries within this security policy.",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_strict": {
"description": "Ensures that a 3 way TCP handshake is done before the data packets are sent. tcp_strict=true is supported only for stateful security policies. If the tcp_strict flag is not specified and the security policy is stateful, then tcp_strict will be set to true.",
"readonly": false,
"required": false,
"title": "Enforce strict tcp handshake before allowing data packets",
"type": "boolean"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Contains ordered list of Rules",
"type": "object"
}
SecurityPolicyInsertParameters (type)
{
"description": "Parameters to let the admin specify a relative position of a security policy w.r.t to another one.",
"extends": {
"$ref": "PolicyInsertParameters
},
"id": "SecurityPolicyInsertParameters",
"module_id": "Policy",
"properties": {
"anchor_path": {
"required": false,
"title": "The security policy/rule path if operation is 'insert_after' or\n'insert_before'\n",
"type": "string"
},
"operation": {
"default": "insert_top",
"enum": [
"insert_top",
"insert_bottom",
"insert_after",
"insert_before"
],
"required": false,
"title": "Operation",
"type": "string"
}
},
"title": "Parameters to tell where security policy needs to be placed",
"type": "object"
}
SecurityPolicyListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "SecurityPolicyListRequestParameters",
"module_id": "Policy",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"include_rule_count": {
"default": false,
"description": "If true, populate the rule_count field with the count of rules in the particular policy. By default, rule_count will not be populated.",
"required": false,
"title": "Include the count of rules in policy",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "SecurityPolicy list request parameters",
"type": "object"
}
SecurityPolicyListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListResult
},
"id": "SecurityPolicyListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "SecurityPolicy
},
"required": true,
"title": "SecurityPolicy list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of security policies",
"type": "object"
}
SecurityPolicyStatistics (type)
{
"description": "Aggregate statistics of all the rules in a security policy.",
"id": "SecurityPolicyStatistics",
"module_id": "Policy",
"properties": {
"internal_section_id": {
"description": "Realized id of the section on NSX MP. Policy Manager can create more than one section per SecurityPolicy, in which case this identifier helps to distinguish between the multiple sections created.",
"readonly": true,
"required": false,
"title": "NSX internal section id",
"type": "string"
},
"lr_path": {
"description": "Path of the LR on which the section is applied in case of Gateway Firewall.",
"readonly": true,
"required": false,
"title": "Logical Router (Tier-0/Tier1) path",
"type": "string"
},
"result_count": {
"description": "Total count for rule statistics",
"readonly": true,
"required": true,
"title": "Rule stats count",
"type": "integer"
},
"results": {
"description": "List of rule statistics.",
"items": {
"$ref": "RuleStatistics
},
"maxItems": 1000,
"readonly": true,
"required": false,
"title": "Statistics for all rules",
"type": "array"
}
},
"title": "Security policy statistics",
"type": "object"
}
SecurityPolicyStatisticsForEnforcementPoint (type)
{
"description": "Aggregate statistics of all the rules in a security policy for a specific enforcement point.",
"id": "SecurityPolicyStatisticsForEnforcementPoint",
"module_id": "Policy",
"properties": {
"container_cluster_path": {
"description": "Security Policy statistics for a single container cluster",
"readonly": true,
"required": false,
"title": "Cluster container path",
"type": "string"
},
"enforcement_point": {
"description": "Enforcement point to fetch the statistics from.",
"readonly": true,
"required": false,
"title": "Enforcement point path",
"type": "string"
},
"statistics": {
"$ref": "SecurityPolicyStatistics,
"description": "Statistics for the specified enforcement point",
"readonly": true,
"required": false,
"title": "Security Policy Statistics"
}
},
"title": "Security policy statistics for an enforcement point",
"type": "object"
}
SecurityPolicyStatisticsListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "SecurityPolicyStatisticsListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "SecurityPolicyStatisticsForEnforcementPoint
},
"required": true,
"title": "Security Policy statistics list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Security Policy statistics",
"type": "object"
}
SecurityProfileBindingMap (type)
{
"abstract": true,
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "SecurityProfileBindingMap",
"module_id": "PolicySecurityProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Base security profile binding map",
"type": "object"
}
Segment (type)
{
"additionalProperties": false,
"description": "Segment configuration to attach workloads.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Segment",
"module_id": "PolicyConnectivity",
"policy_hierarchical_children": [
"ChildDhcpStaticBindingConfig",
"ChildSegmentDiscoveryProfileBindingMap",
"ChildSegmentMonitoringProfileBindingMap",
"ChildSegmentPort",
"ChildSegmentQoSProfileBindingMap",
"ChildSegmentSecurityProfileBindingMap",
"ChildStaticARPConfig"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"address_bindings": {
"deprecated": true,
"description": "Static address binding used for the Segment. This field is deprecated and will be removed in a future release. Please use address_bindings in SegmentPort to configure static bindings.",
"items": {
"$ref": "PortAddressBindingEntry
},
"maxItems": 512,
"required": false,
"title": "Address bindings for the Segment",
"type": "array"
},
"admin_state": {
"default": "UP",
"description": "Admin state represents desired state of segment. It does not reflect the state of other logical entities connected/attached to the segment.",
"enum": [
"UP",
"DOWN"
],
"required": false,
"title": "Represents Desired state of the Segment",
"type": "string"
},
"advanced_config": {
"$ref": "SegmentAdvancedConfig,
"description": "Advanced configuration for Segment.",
"required": false,
"title": "Advanced configuration for Segment"
},
"bridge_profiles": {
"description": "Multiple distinct L2 bridge profiles can be configured.",
"items": {
"$ref": "BridgeProfileConfig
},
"title": "Bridge Profile Configuration",
"type": "array"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"connectivity_path": {
"description": "Policy path to the connecting Tier-0 or Tier-1. Valid only for segments created under Infra. This field can only be used for overlay segments. VLAN backed segments cannot have connectivity path set.",
"required": false,
"title": "Policy path to the connecting Tier-0 or Tier-1",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Segment"
],
"relationshipType": "NETWORK_INFRA_SEGMENT_RELATIONSHIP",
"rightType": [
"Tier1"
]
},
{
"leftType": [
"Segment"
],
"relationshipType": "PROVIDER_INFRA_SEGMENT_RELATIONSHIP",
"rightType": [
"Tier0"
]
}
]
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"dhcp_config_path": {
"description": "Policy path to DHCP server or relay configuration to use for all IPv4 & IPv6 subnets configured on this segment.",
"required": false,
"title": "Policy path to DHCP configuration",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Segment"
],
"relationshipType": "DHCP_SERVER_CONFIG_RELATIONSHIP",
"rightType": [
"DhcpServerConfig"
]
},
{
"leftType": [
"Segment"
],
"relationshipType": "DHCP_RELAY_CONFIG_RELATIONSHIP",
"rightType": [
"DhcpRelayConfig"
]
}
]
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"domain_name": {
"required": false,
"title": "DNS domain name",
"type": "string"
},
"evpn_segment": {
"description": "Flag to indicate if the Segment is a Child-Segment of type EVPN.",
"readonly": true,
"title": "Evpn Segment Flag.",
"type": "boolean"
},
"evpn_tenant_config_path": {
"description": "Policy path to the EvpnTenantConfig resource. Supported only for Route-Server Evpn Mode. Supported only for Overlay Segments. This will be populated for both Parent and Child segments participating in Evpn Route-Server Mode.",
"required": false,
"title": "Policy path to the EvpnTenantConfig",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Segment"
],
"relationshipType": "SEGMENT_EVPN_TENANT_CONFIG_RELATIONSHIP",
"rightType": [
"EvpnTenantConfig"
]
}
]
},
"extra_configs": {
"description": "This property could be used for vendor specific configuration in key value string pairs, the setting in extra_configs will be automatically inheritted by segment ports in the Segment.",
"items": {
"$ref": "SegmentExtraConfig
},
"required": false,
"title": "Extra configs on Segment",
"type": "array"
},
"federation_config": {
"$ref": "FederationConnectivityConfig,
"description": "Additional config for federation.",
"readonly": true,
"title": "Federation releated config"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"l2_extension": {
"$ref": "L2Extension,
"required": false,
"title": "Configuration for extending Segment through L2 VPN"
},
"ls_id": {
"deprecated": true,
"description": "This property is deprecated. The property will continue to work as expected for existing segments. The segments that are newly created with ls_id will be ignored. Sepcify pre-creted logical switch id for Segment.",
"required": false,
"title": "Pre-created logical switch id for Segment",
"type": "string"
},
"mac_pool_id": {
"description": "Mac pool id that associated with a Segment.",
"required": false,
"title": "Allocation mac pool associated with the Segment",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"metadata_proxy_paths": {
"description": "Policy path to metadata proxy configuration. Multiple distinct MD proxies can be configured.",
"items": {
"type": "string"
},
"title": "Metadata Proxy Configuration Paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Segment"
],
"relationshipType": "SEGMENT_METADATA_PROXY_RELATIONSHIP",
"rightType": [
"MetadataProxyConfig"
]
}
]
},
"overlay_id": {
"description": "Used for overlay connectivity of segments. The overlay_id should be allocated from the pool as definied by enforcement-point. If not provided, it is auto-allocated from the default pool on the enforcement-point.",
"maximum": 2147483647,
"minimum": 0,
"required": false,
"title": "Overlay connectivity ID for this Segment",
"type": "int"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"replication_mode": {
"default": "MTEP",
"description": "If this field is not set for overlay segment, then the default of MTEP will be used.",
"enum": [
"MTEP",
"SOURCE"
],
"required": false,
"title": "Replication mode of the Segment",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"subnets": {
"items": {
"$ref": "SegmentSubnet
},
"required": false,
"title": "Subnet configuration. Max 1 subnet",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_zone_path": {
"description": "Policy path to the transport zone. Supported for VLAN backed segments as well as Overlay Segments. - This field is required for VLAN backed Segments. - For overlay Segments, it is auto assigned if only one transport zone exists in the enforcement point. Default transport zone is auto assigned for overlay segments if none specified.",
"required": false,
"title": "Policy path to the transport zone",
"type": "string"
},
"type": {
"description": "Segment type based on configuration.",
"enum": [
"ROUTED",
"EXTENDED",
"ROUTED_AND_EXTENDED",
"DISCONNECTED"
],
"readonly": true,
"title": "Segment type",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"vlan_ids": {
"description": "VLAN ids for a VLAN backed Segment. Can be a VLAN id or a range of VLAN ids specified with '-' in between.",
"items": {
"type": "string"
},
"required": false,
"title": "VLAN ids for VLAN backed Segment",
"type": "array"
}
},
"title": "Segment configuration",
"type": "object"
}
SegmentAdvancedConfig (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ConnectivityAdvancedConfig
},
"id": "SegmentAdvancedConfig",
"module_id": "PolicyConnectivity",
"properties": {
"address_pool_paths": {
"description": "Policy path to IP address pools.",
"items": {
"type": "string"
},
"maxItems": 1,
"required": false,
"title": "Policy path to IP address pools",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Segment"
],
"relationshipType": "IP_POOL_CONSUMER_RELATIONSHIP",
"rightType": [
"IpAddressPool"
]
}
]
},
"connectivity": {
"default": "ON",
"description": "Connectivity configuration to manually connect (ON) or disconnect (OFF) Tier-0/Tier1 segment from corresponding gateway. This property does not apply to VLAN backed segments. VLAN backed segments with connectivity OFF does not affect its layer-2 connectivity.",
"enum": [
"ON",
"OFF"
],
"required": false,
"title": "Connectivity configuration",
"type": "string"
},
"hybrid": {
"default": false,
"description": "When set to true, all the ports created on this segment will behave in a hybrid fashion. The hybrid port indicates to NSX that the VM intends to operate in underlay mode, but retains the ability to forward egress traffic to the NSX overlay network. This property is only applicable for segment created with transport zone type OVERLAY_STANDARD. This property cannot be modified after segment is created.",
"required": false,
"title": "Flag to identify a hybrid logical switch",
"type": "boolean"
},
"inter_router": {
"default": false,
"description": "When set to true, any port attached to this logical switch will not be visible through VC/ESX UI",
"required": false,
"title": "Flag to indicate if the logical switch will provide inter-router connectivity",
"type": "boolean"
},
"local_egress": {
"default": false,
"description": "This property is used to enable proximity routing with local egress. When set to true, logical router interface (downlink) connecting Segment to Tier0/Tier1 gateway is configured with prefix-length 32.",
"required": false,
"title": "Flag to enable local egress",
"type": "boolean"
},
"local_egress_routing_policies": {
"description": "An ordered list of routing policies to forward traffic to the next hop.",
"items": {
"$ref": "LocalEgressRoutingEntry
},
"minItems": 1,
"required": false,
"title": "Local egress routing policies",
"type": "array"
},
"multicast": {
"description": "Enable multicast on the downlink LRP created to connect the segment to Tier0/Tier1 gateway.",
"required": false,
"title": "Enable multicast on the downlink",
"type": "boolean"
},
"ndra_profile_path": {
"description": "This profile is applie dto the downlink logical router port created while attaching this semgnet to tier-0 or tier-1. If this field is empty, NDRA profile of the router is applied to the newly created port.",
"required": false,
"title": "Policy path of Neighbor Discovery Router Advertisement profile",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Segment"
],
"relationshipType": "SEGMENT_NDRA_PROFILE_RELATIONSHIP",
"rightType": [
"Ipv6NdraProfile"
]
}
]
},
"node_local_switch": {
"description": "A behaviour required for Firewall As A Service (FaaS) where the segment BUM traffic is confined within the edge node that this segment belongs to.",
"required": false,
"title": "Prevent BUM (broadcast, unknown-unicast and multicast) traffic from reaching the other spanned edges",
"type": "boolean"
},
"origin_id": {
"description": "ID populated by NSX when NSX on DVPG is used to indicate the source DVPG. Currently, only DVPortgroups are identified as Discovered Segments. The origin_id is the identifier of DVPortgroup from the source vCenter server.",
"required": false,
"title": "ID of the discovered Segment representing a network managed by non-NSX entity.",
"type": "string"
},
"origin_type": {
"description": "The type of source from where the DVPortgroup is discovered",
"enum": [
"VCENTER"
],
"title": "The DVPortgroup origin type",
"type": "string"
},
"uplink_teaming_policy_name": {
"description": "The name of the switching uplink teaming policy for the Segment. This name corresponds to one of the switching uplink teaming policy names listed in TransportZone associated with the Segment. See transport_zone_path property above for more details. When this property is not specified, the segment will not have a teaming policy associated with it and the host switch's default teaming policy will be used by MP.",
"title": "Uplink Teaming Policy Name",
"type": "string"
},
"urpf_mode": {
"default": "STRICT",
"description": "This URPF mode is applied to the downlink logical router port created while attaching this segment to tier-0 or tier-1.",
"enum": [
"NONE",
"STRICT"
],
"required": false,
"title": "Unicast Reverse Path Forwarding mode",
"type": "string"
}
},
"title": "Advanced configuration for Segment",
"type": "object"
}
SegmentConfigurationState (type)
{
"additionalProperties": false,
"description": "Segment state on specific Enforcement Point.",
"extends": {
"$ref": "ConfigurationState
},
"id": "SegmentConfigurationState",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"details": {
"items": {
"$ref": "ConfigurationStateElement
},
"readonly": true,
"required": false,
"title": "Array of configuration state of various sub systems",
"type": "array"
},
"failure_code": {
"readonly": true,
"required": false,
"title": "Error code",
"type": "integer"
},
"failure_message": {
"readonly": true,
"required": false,
"title": "Error message in case of failure",
"type": "string"
},
"segment_path": {
"readonly": true,
"required": false,
"title": "Segment path",
"type": "string"
},
"state": {
"description": "Gives details of state of desired configuration. Additional enums with more details on progress/success/error states are sent for edge node. The success states are NODE_READY and TRANSPORT_NODE_READY, pending states are {VM_DEPLOYMENT_QUEUED, VM_DEPLOYMENT_IN_PROGRESS, REGISTRATION_PENDING} and other values indicate failures. \"in_sync\" state indicates that the desired configuration has been received by the host to which it applies, but is not yet in effect. When the configuration is actually in effect, the state will change to \"success\". Please note, failed state is deprecated.",
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown",
"error",
"in_sync",
"NOT_AVAILABLE",
"VM_DEPLOYMENT_QUEUED",
"VM_DEPLOYMENT_IN_PROGRESS",
"VM_DEPLOYMENT_FAILED",
"VM_POWER_ON_IN_PROGRESS",
"VM_POWER_ON_FAILED",
"REGISTRATION_PENDING",
"NODE_NOT_READY",
"NODE_READY",
"VM_POWER_OFF_IN_PROGRESS",
"VM_POWER_OFF_FAILED",
"VM_UNDEPLOY_IN_PROGRESS",
"VM_UNDEPLOY_FAILED",
"VM_UNDEPLOY_SUCCESSFUL",
"EDGE_CONFIG_ERROR",
"VM_DEPLOYMENT_RESTARTED",
"REGISTRATION_FAILED",
"TRANSPORT_NODE_SYNC_PENDING",
"TRANSPORT_NODE_CONFIGURATION_MISSING",
"EDGE_HARDWARE_NOT_SUPPORTED",
"MULTIPLE_OVERLAY_TZS_NOT_SUPPORTED",
"TN_OVERLAY_TZ_IN_USE_BY_EDGE_CLUSTER",
"TZ_ENDPOINTS_NOT_SPECIFIED",
"NO_PNIC_PREPARED_IN_EDGE",
"APPLIANCE_INTERNAL_ERROR",
"VTEP_DHCP_NOT_SUPPORTED",
"UNSUPPORTED_HOST_SWITCH_PROFILE",
"UPLINK_HOST_SWITCH_PROFILE_NOT_SPECIFIED",
"HOSTSWITCH_PROFILE_NOT_FOUND",
"LLDP_SEND_ENABLED_NOT_SUPPORTED",
"UNSUPPORTED_NAMED_TEAMING_POLICY",
"LBSRCID_NOT_SUPPORTED_FOR_EDGE_VM",
"LACP_NOT_SUPPORTED_FOR_EDGE_VM",
"STANDBY_UPLINKS_NOT_SUPPORTED_FOR_EDGE_VM",
"MULTIPLE_ACTIVE_UPLINKS_NOT_SUPPORTED_FOR_EDGE",
"UNSUPPORTED_LACP_LB_ALGO_FOR_NODE",
"EDGE_NODE_VERSION_NOT_SUPPORTED",
"NO_PNIC_SPECIFIED_IN_TN",
"INVALID_PNIC_DEVICE_NAME",
"TRANSPORT_NODE_READY",
"VM_NETWORK_EDIT_PENDING",
"UNSUPPORTED_DEFAULT_TEAMING_POLICY",
"MPA_DISCONNECTED",
"VM_RENAME_PENDING",
"VM_CONFIG_EDIT_PENDING",
"VM_NETWORK_EDIT_FAILED",
"VM_RENAME_FAILED",
"VM_CONFIG_EDIT_FAILED",
"VM_CONFIG_DISCREPANCY",
"VM_NODE_REFRESH_FAILED",
"VM_PLACEMENT_REFRESH_FAILED",
"REGISTRATION_TIMEDOUT",
"REPLACE_FAILED",
"UPLINK_FROM_TEAMING_POLICY_NOT_MAPPED",
"LOGICAL_SWITCH_NAMED_TEAMING_HAS_NO_PNIC_BACKING",
"DELETE_VM_IN_REDEPLOY_FAILED",
"DEPLOY_VM_IN_REDEPLOY_FAILED",
"INSUFFICIENT_RESOURCES_IN_EDGE_NODE_FOR_SERVICE",
"VM_RESOURCE_RESERVATION_FAILED",
"DUPLICATE_PNICS_IN_TEAMINGS_WITH_MULTIPLE_UPLINKS_AND_FAILOVER_ORDER",
"DUPLICATE_VLANS_SHARING_SAME_PNICMULTIPLE_UPLINKS_IN_NAMED_TEAMING_NOT_SUPPORTED_IF_UPLINK_IN_DEFAULT_TEAMING",
"EDGE_NODE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_VM_VSPHERE_SETTINGS_MISMATCH_RESOLVE",
"EDGE_NODE_SETTINGS_AND_VSPHERE_SETTINGS_ARE_CHANGED_RESOLVE",
"EDGE_VSPHERE_LOCATION_MISMATCH_RESOLVE",
"COMPUTE_MANAGER_NOT_FOUND",
"DELETE_IN_PROGRESS"
],
"readonly": true,
"required": true,
"title": "Overall state of desired configuration",
"type": "string"
}
},
"title": "Segment state on specific Enforcement Point",
"type": "object"
}
SegmentConfigurationStateListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "SegmentConfigurationStateListResult",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Paged Collection of Segment State on specific Enforcement Point",
"items": {
"$ref": "SegmentConfigurationState
},
"required": false,
"title": "Paged Collection of Segment State on specific Enforcement Point",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
SegmentCrossSiteTrafficStats (type)
{
"additionalProperties": false,
"id": "SegmentCrossSiteTrafficStats",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the l2 forwarder statistics was last updated.",
"readonly": true,
"required": true,
"title": "Last updated timestamp"
},
"rx_stats": {
"$ref": "InterSitePortCounters,
"description": "Total received data counters.",
"readonly": true,
"title": "Received data counters"
},
"segment_path": {
"description": "Policy path of Segment to attach interface.",
"readonly": true,
"required": true,
"title": "Policy path of Segment to attach interface",
"type": "string"
},
"tx_stats": {
"$ref": "InterSitePortCounters,
"description": "Total sent data counters.",
"readonly": true,
"title": "Sent data counters"
}
},
"type": "object"
}
SegmentDeleteRequestParameters (type)
{
"additionalProperties": false,
"id": "SegmentDeleteRequestParameters",
"module_id": "PolicyConnectivity",
"properties": {
"cascade": {
"default": false,
"description": "When the flag is true, all segment ports associated with this segment are detached and deleted.",
"required": false,
"title": "Flag to specify whether to delete related segment ports",
"type": "boolean"
}
},
"title": "Segment delete request parameters",
"type": "object"
}
SegmentDhcpConfig (type)
{
"abstract": true,
"additionalProperties": false,
"description": "DHCP IPv4 and IPv6 configurations are extended from this abstract class.",
"id": "SegmentDhcpConfig",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"dns_servers": {
"description": "IP address of DNS servers for subnet. DNS server IP address must belong to the same address family as segment gateway_address property.",
"items": {
"$ref": "IPAddress
},
"maxItems": 2,
"required": false,
"title": "DNS servers for subnet",
"type": "array"
},
"lease_time": {
"default": 86400,
"description": "DHCP lease time in seconds. When specified, this property overwrites lease time configured DHCP server config.",
"maximum": 4294967295,
"minimum": 60,
"required": false,
"title": "DHCP lease time for subnet",
"type": "integer"
},
"resource_type": {
"enum": [
"SegmentDhcpV4Config",
"SegmentDhcpV6Config"
],
"required": true,
"type": "string"
},
"server_address": {
"$ref": "IPCIDRBlock,
"description": "IP address of the DHCP server in CIDR format. The server_address is mandatory in case this segment has provided a dhcp_config_path and it represents a DHCP server config. If this SegmentDhcpConfig is a SegmentDhcpV4Config, the address must be an IPv4 address. If this is a SegmentDhcpV6Config, the address must be an IPv6 address. This address must not overlap the ip-ranges of the subnet, or the gateway address of the subnet, or the DHCP static-binding addresses of this segment.",
"required": false,
"title": "IP address of the DHCP server"
}
},
"title": "DHCP configuration for segment subnet",
"type": "object"
}
SegmentDhcpV4Config (type)
{
"additionalProperties": false,
"extends": {
"$ref": "SegmentDhcpConfig
},
"id": "SegmentDhcpV4Config",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "SegmentDhcpV4Config"
},
"properties": {
"dns_servers": {
"description": "IP address of DNS servers for subnet. DNS server IP address must belong to the same address family as segment gateway_address property.",
"items": {
"$ref": "IPAddress
},
"maxItems": 2,
"required": false,
"title": "DNS servers for subnet",
"type": "array"
},
"lease_time": {
"default": 86400,
"description": "DHCP lease time in seconds. When specified, this property overwrites lease time configured DHCP server config.",
"maximum": 4294967295,
"minimum": 60,
"required": false,
"title": "DHCP lease time for subnet",
"type": "integer"
},
"options": {
"$ref": "DhcpV4Options,
"description": "IPv4 DHCP options for segment subnet.",
"required": false,
"title": "DHCP options"
},
"resource_type": {
"enum": [
"SegmentDhcpV4Config",
"SegmentDhcpV6Config"
],
"required": true,
"type": "string"
},
"server_address": {
"$ref": "IPCIDRBlock,
"description": "IP address of the DHCP server in CIDR format. The server_address is mandatory in case this segment has provided a dhcp_config_path and it represents a DHCP server config. If this SegmentDhcpConfig is a SegmentDhcpV4Config, the address must be an IPv4 address. If this is a SegmentDhcpV6Config, the address must be an IPv6 address. This address must not overlap the ip-ranges of the subnet, or the gateway address of the subnet, or the DHCP static-binding addresses of this segment.",
"required": false,
"title": "IP address of the DHCP server"
}
},
"title": "DHCP configuration of IPv4 subnet in a segment",
"type": "object"
}
SegmentDhcpV6Config (type)
{
"additionalProperties": false,
"extends": {
"$ref": "SegmentDhcpConfig
},
"id": "SegmentDhcpV6Config",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "SegmentDhcpV6Config"
},
"properties": {
"dns_servers": {
"description": "IP address of DNS servers for subnet. DNS server IP address must belong to the same address family as segment gateway_address property.",
"items": {
"$ref": "IPAddress
},
"maxItems": 2,
"required": false,
"title": "DNS servers for subnet",
"type": "array"
},
"domain_names": {
"description": "Domain names for subnet.",
"items": {
"type": "string"
},
"required": false,
"title": "Domain names for subnet",
"type": "array"
},
"excluded_ranges": {
"description": "Excluded addresses to define dynamic ip allocation ranges.",
"items": {
"$ref": "IPElement
},
"maxItems": 128,
"minItems": 0,
"required": false,
"title": "Excluded range of IPv6 addresses",
"type": "array"
},
"lease_time": {
"default": 86400,
"description": "DHCP lease time in seconds. When specified, this property overwrites lease time configured DHCP server config.",
"maximum": 4294967295,
"minimum": 60,
"required": false,
"title": "DHCP lease time for subnet",
"type": "integer"
},
"preferred_time": {
"description": "The length of time that a valid address is preferred. When the preferred lifetime expires, the address becomes deprecated.",
"maximum": 4294967295,
"minimum": 60,
"required": false,
"title": "Preferred time",
"type": "integer"
},
"resource_type": {
"enum": [
"SegmentDhcpV4Config",
"SegmentDhcpV6Config"
],
"required": true,
"type": "string"
},
"server_address": {
"$ref": "IPCIDRBlock,
"description": "IP address of the DHCP server in CIDR format. The server_address is mandatory in case this segment has provided a dhcp_config_path and it represents a DHCP server config. If this SegmentDhcpConfig is a SegmentDhcpV4Config, the address must be an IPv4 address. If this is a SegmentDhcpV6Config, the address must be an IPv6 address. This address must not overlap the ip-ranges of the subnet, or the gateway address of the subnet, or the DHCP static-binding addresses of this segment.",
"required": false,
"title": "IP address of the DHCP server"
},
"sntp_servers": {
"description": "IPv6 address of SNTP servers for subnet.",
"items": {
"$ref": "IPv6Address
},
"maxItems": 2,
"required": false,
"title": "SNTP servers for subnet",
"type": "array"
}
},
"title": "DHCP configuration of IPv6 subnet in a segment",
"type": "object"
}
SegmentDiscoveryProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between discovery profile and Segment. Using this entity, user can specify intent for applying discovery profile to particular segments.",
"extends": {
"$ref": "DiscoveryProfileBindingMap
},
"id": "SegmentDiscoveryProfileBindingMap",
"module_id": "PolicyDiscoveryProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_discovery_profile_path": {
"description": "PolicyPath of associated IP Discovery Profile",
"required": false,
"title": "IP Discovery Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"SegmentDiscoveryProfileBindingMap"
],
"relationshipType": "SEGMENT_BINDINGMAP_IPDISCOVERY_PROFILE_RELATIONSHIP",
"rightType": [
"IPDiscoveryProfile"
]
}
]
},
"mac_discovery_profile_path": {
"description": "PolicyPath of associated Mac Discovery Profile",
"required": false,
"title": "Mac Discovery Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"SegmentDiscoveryProfileBindingMap"
],
"relationshipType": "SEGMENT_BINDINGMAP_MACDISCOVERY_PROFILE_RELATIONSHIP",
"rightType": [
"MacDiscoveryProfile"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Segment Discovery Profile binding map",
"type": "object"
}
SegmentDiscoveryProfileBindingMapListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "SegmentDiscoveryProfileBindingMapListRequestParameters",
"module_id": "PolicyDiscoveryProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Segment Discovery Profile Binding Map list request parameters",
"type": "object"
}
SegmentDiscoveryProfileBindingMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "SegmentDiscoveryProfileBindingMapListResult",
"module_id": "PolicyDiscoveryProfileBinding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "SegmentDiscoveryProfileBindingMap
},
"required": true,
"title": "Segment Discovery Profile Binding Map list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Segment Discovery Profile Binding Maps",
"type": "object"
}
SegmentExtraConfig (type)
{
"additionalProperties": false,
"description": "Segment extra config is intended for supporting vendor specific configuration on the data path, it can be set as key value string pairs on either segment or segment port.",
"id": "SegmentExtraConfig",
"module_id": "PolicyConnectivity",
"properties": {
"config_pair": {
"$ref": "UnboundedKeyValuePair,
"required": true,
"title": "Key value pair in string for the configuration"
}
},
"title": "Vendor specific configuration on segment or Segment port",
"type": "object"
}
SegmentL2ForwarderSiteSpanInfo (type)
{
"additionalProperties": false,
"experimental": true,
"id": "SegmentL2ForwarderSiteSpanInfo",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"inter_site_forwarder_status": {
"description": "Inter-site forwarder status per node.",
"items": {
"$ref": "L2ForwarderStatusPerNode
},
"readonly": true,
"title": "Inter-site forwarder status per node",
"type": "array"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the L2 forwarder remote mac addresses was last updated.",
"readonly": true,
"required": true,
"title": "Last updated timestamp"
},
"remote_macs_per_site": {
"description": "L2 forwarder remote mac addresses per site for logical switch.",
"items": {
"$ref": "L2ForwarderRemoteMacsPerSite
},
"readonly": true,
"title": "L2 forwarder remote mac addresses per site",
"type": "array"
},
"segment_path": {
"description": "Policy path of a segment.",
"readonly": true,
"required": true,
"title": "Segment path",
"type": "string"
}
},
"type": "object"
}
SegmentListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "SegmentListRequestParameters",
"module_id": "PolicyConnectivity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"segment_type": {
"enum": [
"DVPortgroup",
"ALL"
],
"title": "Segment type",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Segment list request parameters",
"type": "object"
}
SegmentListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "SegmentListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Segment
},
"required": true,
"title": "Segment list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Segments",
"type": "object"
}
SegmentMacAddressListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "SegmentMacAddressListResult",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "MacTableEntry
},
"required": false,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "Transport node identifier",
"type": "string"
}
},
"type": "object"
}
SegmentMonitoringProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between monitoring profile and Segment. Using this entity, you can specify intent for applying monitoring profile to particular segment.",
"extends": {
"$ref": "MonitoringProfileBindingMap
},
"id": "SegmentMonitoringProfileBindingMap",
"module_id": "PolicyMonitoringProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ipfix_l2_profile_path": {
"description": "PolicyPath of associated IPFIX L2 Profile",
"required": false,
"title": "IPFIX L2 Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"SegmentMonitoringProfileBindingMap"
],
"relationshipType": "IPFIX_L2_PROFILE_SEGMENT_BINDING_MAP_RELATIONSHIP",
"rightType": [
"IPFIXL2Profile"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"port_mirroring_profile_path": {
"description": "PolicyPath of associated Port Mirroring Profile",
"required": false,
"title": "Port Mirroring Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"SegmentMonitoringProfileBindingMap"
],
"relationshipType": "PORT_MIRRORING_PROFILE_SEGMENT_BINDING_MAP_RELATIONSHIP",
"rightType": [
"PortMirroringProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Segment Monitoring Profile binding map",
"type": "object"
}
SegmentMonitoringProfileBindingMapListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "SegmentMonitoringProfileBindingMapListRequestParameters",
"module_id": "PolicyMonitoringProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Segment Monitoring Profile Binding Map list request parameters",
"type": "object"
}
SegmentMonitoringProfileBindingMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "SegmentMonitoringProfileBindingMapListResult",
"module_id": "PolicyMonitoringProfileBinding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "SegmentMonitoringProfileBindingMap
},
"required": true,
"title": "Segment Monitoring Profile Binding Map list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Segment Monitoring Profile Binding Maps",
"type": "object"
}
SegmentPort (type)
{
"additionalProperties": false,
"description": "Policy port will create LogicalPort on LogicalSwitch corresponding to the Segment. Address bindings cannot be removed after realization.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "SegmentPort",
"module_id": "PolicyConnectivity",
"policy_hierarchical_children": [
"ChildPortDiscoveryProfileBindingMap",
"ChildPortMonitoringProfileBindingMap",
"ChildPortQoSProfileBindingMap",
"ChildPortSecurityProfileBindingMap"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"address_bindings": {
"description": "Static address binding used for the port.",
"items": {
"$ref": "PortAddressBindingEntry
},
"maxItems": 512,
"required": false,
"title": "Address bindings for the port",
"type": "array"
},
"admin_state": {
"default": "UP",
"enum": [
"UP",
"DOWN"
],
"required": false,
"title": "Represents desired state of the segment port",
"type": "string"
},
"attachment": {
"$ref": "PortAttachment,
"description": "Only VIF attachment is supported",
"required": false,
"title": "VIF attachment"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"extra_configs": {
"description": "This property could be used for vendor specific configuration in key value string pairs. Segment port setting will override segment setting if the same key was set on both segment and segment port.",
"items": {
"$ref": "SegmentExtraConfig
},
"required": false,
"title": "Extra configs on segment port",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ignored_address_bindings": {
"description": "IP Discovery module uses various mechanisms to discover address bindings being used on each segment port. If a user would like to ignore any specific discovered address bindings or prevent the discovery of a particular set of discovered bindings, then those address bindings can be provided here. Currently IP range in CIDR format is not supported.",
"items": {
"$ref": "PortAddressBindingEntry
},
"maxItems": 16,
"minItems": 0,
"required": false,
"title": "Address bindings to be ignored by IP Discovery module",
"type": "array"
},
"init_state": {
"description": "Set initial state when a new logical port is created. 'UNBLOCKED_VLAN' means new port will be unblocked on traffic in creation, also VLAN will be set with corresponding logical switch setting. This port setting can only be configured at port creation, and cannot be modified. 'RESTORE_VIF' fetches and restores VIF attachment from ESX host.",
"enum": [
"UNBLOCKED_VLAN",
"RESTORE_VIF"
],
"required": false,
"title": "Initial state of this logical ports",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"origin_id": {
"description": "ID populated by NSX when NSX on DVPG is used to indicate the source Distributed Virtual Port and the corresponding Distributed Virtual Switch. This ID is populated only for ports attached to discovered segments.",
"readonly": true,
"title": "ID of the distributed virtual port and the distributed virtual switch in the source vCenter",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"source_site_id": {
"description": "This field will refer to the source site on which the segment port is discovered. This field is populated by GM, when it receives corresponding notification from LM.",
"readonly": true,
"title": "source site(LM) id.",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy port object for segment",
"type": "object"
}
SegmentPortAttachmentState (type)
{
"additionalProperties": false,
"id": "SegmentPortAttachmentState",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"attachers": {
"items": {
"$ref": "PortAttacher
},
"readonly": true,
"required": false,
"title": "VM or vmknic entities that are attached to the Segment Port",
"type": "array"
},
"id": {
"readonly": true,
"required": false,
"title": "VIF ID",
"type": "string"
},
"state": {
"description": "A segment port must be in one of following states. FREE - If there are no active attachers. The port may or may not have an attachment ID configured on it. This state is applicable only to port of static type. ATTACHED - Segment port has exactly one active attacher and no further configuration is pending. ATTACHED_PENDING_CONF - Segment port has exactly one attacher, however it may not have been configured completely. Additional configuration will be provided by other nsx components. ATTACHED_IN_MOTION - Segment port has multiple active attachers. This state represents a scenario where VM is moving from one location (host or storage) to another (e.g. vmotion, vSphere HA) DETACHED - A temporary state after all port attachers have been detached. This state is applicable only to a port of ephemeral type and the port will soon be deleted.",
"enum": [
"FREE",
"ATTACHED",
"ATTACHED_PENDING_CONF",
"ATTACHED_IN_MOTION",
"DETACHED"
],
"readonly": true,
"required": true,
"title": "State of the VIF attached to Segment Port",
"type": "string"
}
},
"title": "VIF attachment state of a segment port",
"type": "object"
}
SegmentPortListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "SegmentPortListRequestParameters",
"module_id": "PolicyConnectivity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "SegmentPort list request parameters",
"type": "object"
}
SegmentPortListResult (type)
{
"additionalProperties": false,
"description": "List SegmentPort objects",
"extends": {
"$ref": "ListResult
},
"id": "SegmentPortListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Place holder for the list result",
"items": {
"$ref": "SegmentPort
},
"required": true,
"title": "SegmentPort list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of SegmentPort",
"type": "object"
}
SegmentPortMacAddressCsvListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "CsvListResult
},
"id": "SegmentPortMacAddressCsvListResult",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"results": {
"items": {
"$ref": "SegmentPortMacTableCsvEntry
},
"required": false,
"type": "array"
}
},
"type": "object"
}
SegmentPortMacAddressListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "SegmentPortMacAddressListResult",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "SegmentPortMacTableEntry
},
"required": false,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "Transport node identifier",
"type": "string"
}
},
"type": "object"
}
SegmentPortMacTableCsvEntry (type)
{
"additionalProperties": false,
"extends": {
"$ref": "CsvRecord
},
"id": "SegmentPortMacTableCsvEntry",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"mac_address": {
"required": true,
"title": "The MAC address",
"type": "string"
},
"mac_type": {
"$ref": "MacAddressType,
"required": true,
"title": "The type of the MAC address"
}
},
"type": "object"
}
SegmentPortMacTableEntry (type)
{
"additionalProperties": false,
"id": "SegmentPortMacTableEntry",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"mac_address": {
"required": true,
"title": "The MAC address",
"type": "string"
},
"mac_type": {
"$ref": "MacAddressType,
"required": true,
"title": "The type of the MAC address"
}
},
"type": "object"
}
SegmentPortState (type)
{
"additionalProperties": false,
"description": "Contains realized state of the segment port. For example: transport node on which the port is located, discovered and realized address bindings of the port.",
"id": "SegmentPortState",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"attachment": {
"$ref": "SegmentPortAttachmentState,
"readonly": true,
"required": false,
"title": "Segment port attachment state"
},
"discovered_bindings": {
"description": "Contains the list of address bindings for a segment port that were automatically dicovered using various snooping methods like ARP, DHCP etc.",
"items": {
"$ref": "AddressBindingEntry
},
"title": "Segment port bindings discovered automatically",
"type": "array"
},
"duplicate_bindings": {
"description": "If any address binding discovered on the port is also found on other port on the same segment, then it is included in the duplicate bindings list along with the ID of the port with which it conflicts.",
"items": {
"$ref": "DuplicateAddressBindingEntry
},
"title": "Duplicate segment port address bindings",
"type": "array"
},
"realized_bindings": {
"description": "List of segment port bindings that are realized. This list may be populated from the discovered bindings or manual user specified bindings. This binding configuration can be used by features such as firewall, spoof-guard, traceflow etc.",
"items": {
"$ref": "AddressBindingEntry
},
"title": "Realized segment port bindings",
"type": "array"
},
"transport_node_ids": {
"items": {
"type": "string"
},
"required": false,
"title": "Identifiers of the transport nodes where the port is located",
"type": "array"
}
},
"title": "Realized state of the segment port on enforcement point",
"type": "object"
}
SegmentPortStatistics (type)
{
"additionalProperties": false,
"description": "Segment port statistics on specific Enforcement Point.",
"extends": {
"$ref": "LogicalPortStatistics
},
"id": "SegmentPortStatistics",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"dropped_by_security_packets": {
"$ref": "PacketsDroppedBySecurity,
"readonly": true,
"required": false
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"logical_port_id": {
"readonly": true,
"required": true,
"title": "The id of the logical port",
"type": "string"
},
"mac_learning": {
"$ref": "MacLearningCounters,
"readonly": true,
"required": false
},
"rx_bytes": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"rx_packets": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"tx_bytes": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"tx_packets": {
"$ref": "DataCounter,
"readonly": true,
"required": false
}
},
"title": "Segment port statistics on specific Enforcement Point",
"type": "object"
}
SegmentPortStatus (type)
{
"additionalProperties": false,
"description": "Segment port status on specific Enforcement Point.",
"extends": {
"$ref": "LogicalPortOperationalStatus
},
"id": "SegmentPortStatus",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"logical_port_id": {
"readonly": true,
"required": true,
"title": "The id of the logical port",
"type": "string"
},
"status": {
"enum": [
"UP",
"DOWN",
"UNKNOWN"
],
"required": true,
"title": "The Operational status of the logical port",
"type": "string"
}
},
"title": "Segment port status on specific Enforcement Point",
"type": "object"
}
SegmentQoSProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between qos profile and Segment. Using this entity, you can specify intent for applying qos profile to particular segment.",
"extends": {
"$ref": "QoSProfileBindingMap
},
"id": "SegmentQoSProfileBindingMap",
"module_id": "PolicyQoSProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"qos_profile_path": {
"description": "PolicyPath of associated QoS Profile",
"required": false,
"title": "QoS Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"SegmentQoSProfileBindingMap"
],
"relationshipType": "QOS_PROFILE_SEGMENT_BINDING_MAP_RELATIONSHIP",
"rightType": [
"QoSProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"search_dsl_name": [
"segment qos profile binding map"
],
"title": "Segment QoS Profile binding map",
"type": "object"
}
SegmentQoSProfileBindingMapListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "SegmentQoSProfileBindingMapListRequestParameters",
"module_id": "PolicyQoSProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Segment QoS Profile Binding Map list request parameters",
"type": "object"
}
SegmentQoSProfileBindingMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "SegmentQoSProfileBindingMapListResult",
"module_id": "PolicyQoSProfileBinding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "SegmentQoSProfileBindingMap
},
"required": true,
"title": "Segment QoS Profile Binding Map list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Segment QoS Profile Binding Maps",
"type": "object"
}
SegmentRequestParameter (type)
{
"additionalProperties": false,
"description": "Segment request parameter, used in hierarchical API.",
"extends": {
"$ref": "PolicyRequestParameter
},
"id": "SegmentRequestParameter",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "SegmentRequestParameter"
},
"properties": {
"force": {
"required": true,
"title": "Force segment update.",
"type": "boolean"
},
"resource_type": {
"description": "The type of this request parameter.",
"readonly": false,
"required": true,
"type": "string"
}
},
"title": "Segment request rarameter for HAPI",
"type": "object"
}
SegmentSecurityProfile (type)
{
"additionalProperties": false,
"description": "Security features extended by policy operations for securing logical segments.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "SegmentSecurityProfile",
"module_id": "PolicySegmentSecurity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"bpdu_filter_allow": {
"description": "Pre-defined list of allowed MAC addresses to be excluded from BPDU filtering. List of allowed MACs - 01:80:c2:00:00:00, 01:80:c2:00:00:01, 01:80:c2:00:00:02, 01:80:c2:00:00:03, 01:80:c2:00:00:04, 01:80:c2:00:00:05, 01:80:c2:00:00:06, 01:80:c2:00:00:07, 01:80:c2:00:00:08, 01:80:c2:00:00:09, 01:80:c2:00:00:0a, 01:80:c2:00:00:0b, 01:80:c2:00:00:0c, 01:80:c2:00:00:0d, 01:80:c2:00:00:0e, 01:80:c2:00:00:0f, 00:e0:2b:00:00:00, 00:e0:2b:00:00:04, 00:e0:2b:00:00:06, 01:00:0c:00:00:00, 01:00:0c:cc:cc:cc, 01:00:0c:cc:cc:cd, 01:00:0c:cd:cd:cd, 01:00:0c:cc:cc:c0, 01:00:0c:cc:cc:c1, 01:00:0c:cc:cc:c2, 01:00:0c:cc:cc:c3, 01:00:0c:cc:cc:c4, 01:00:0c:cc:cc:c5, 01:00:0c:cc:cc:c6, 01:00:0c:cc:cc:c7",
"items": {
"$ref": "MACAddress
},
"maxItems": 32,
"minItems": 0,
"required": false,
"title": "Disable BPDU filtering on this whitelist",
"type": "array"
},
"bpdu_filter_enable": {
"default": true,
"description": "Indicates whether BPDU filter is enabled. BPDU filtering is enabled by default.",
"required": false,
"title": "BPDU filtering status",
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"dhcp_client_block_enabled": {
"default": false,
"description": "Filters DHCP server and/or client traffic. DHCP server blocking is enabled and client blocking is disabled by default.",
"required": false,
"title": "Enable DHCP client block",
"type": "boolean"
},
"dhcp_client_block_v6_enabled": {
"default": false,
"description": "Filters DHCP server and/or client IPv6 traffic. DHCP server blocking is enabled and client blocking is disabled by default.",
"required": false,
"title": "Enable DHCP client block v6",
"type": "boolean"
},
"dhcp_server_block_enabled": {
"default": true,
"description": "Filters DHCP server and/or client traffic. DHCP server blocking is enabled and client blocking is disabled by default.",
"required": false,
"title": "Enable DHCP server block",
"type": "boolean"
},
"dhcp_server_block_v6_enabled": {
"default": true,
"description": "Filters DHCP server and/or client IPv6 traffic. DHCP server blocking is enabled and client blocking is disabled by default.",
"required": false,
"title": "Enable DHCP server block v6",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"non_ip_traffic_block_enabled": {
"default": false,
"description": "A flag to block all traffic except IP/(G)ARP/BPDU.",
"required": false,
"title": "Enable non IP traffic block",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"ra_guard_enabled": {
"default": false,
"description": "Enable or disable Router Advertisement Guard.",
"required": false,
"title": "Enable Router Advertisement Guard",
"type": "boolean"
},
"rate_limits": {
"$ref": "TrafficRateLimits,
"description": "Allows configuration of rate limits for broadcast and multicast traffic. Rate limiting is disabled by default",
"required": false,
"title": "Rate limiting configuration"
},
"rate_limits_enabled": {
"default": false,
"description": "Enable or disable Rate Limits",
"required": false,
"title": "Enable Rate Limits",
"type": "boolean"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"search_dsl_name": [
"security segment profile"
],
"title": "Segment Security Profile",
"type": "object"
}
SegmentSecurityProfileBindingMap (type)
{
"additionalProperties": false,
"description": "Contains the binding relationship between segment and security profile.",
"extends": {
"$ref": "SecurityProfileBindingMap
},
"id": "SegmentSecurityProfileBindingMap",
"module_id": "PolicySecurityProfileBinding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"segment_security_profile_path": {
"description": "The policy path of the asscociated Segment Security profile",
"required": false,
"title": "Segment Security Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"SegmentSecurityProfileBindingMap"
],
"relationshipType": "SEGMENT_SECURITY_BINDING_MAP_SEGMENT_SECURITY_RELATIONSHIP",
"rightType": [
"SegmentSecurityProfile"
]
}
]
},
"spoofguard_profile_path": {
"description": "The policy path of the asscociated SpoofGuard profile",
"required": false,
"title": "SpoofGuard Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"SegmentSecurityProfileBindingMap"
],
"relationshipType": "SEGMENT_SECURITY_BINDING_MAP_SPOOFGUARD_RELATIONSHIP",
"rightType": [
"SpoofGuardProfile"
]
}
]
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Security profile binding map for segment",
"type": "object"
}
SegmentSecurityProfileBindingMapListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "SegmentSecurityProfileBindingMapListRequestParameters",
"module_id": "PolicySecurityProfileBinding",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Segment security profile binding map request parameters",
"type": "object"
}
SegmentSecurityProfileBindingMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "SegmentSecurityProfileBindingMapListResult",
"module_id": "PolicySecurityProfileBinding",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "SegmentSecurityProfileBindingMap
},
"required": true,
"title": "Segment security profile binding map list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of segment security profile binding maps",
"type": "object"
}
SegmentSecurityProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "SegmentSecurityProfileListRequestParameters",
"module_id": "PolicySegmentSecurity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Segment security profile request parameters",
"type": "object"
}
SegmentSecurityProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "SegmentSecurityProfileListResult",
"module_id": "PolicySegmentSecurity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "SegmentSecurityProfile
},
"required": true,
"title": "Segment Security profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of segment security profiles",
"type": "object"
}
SegmentStateRequestParameters (type)
{
"additionalProperties": false,
"description": "Request parameters that represents a segment path and enforcement_point_path.",
"extends": {
"$ref": "PolicyRuntimeRequestParameters
},
"id": "SegmentStateRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"configuration_state": {
"enum": [
"pending",
"in_progress",
"success",
"failed",
"partial_success",
"orphaned",
"unknown"
],
"required": false,
"title": "Configuration state of the segment on enforcement point",
"type": "string"
},
"enforcement_point_path": {
"description": "enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
}
},
"title": "Request Parameters for Metadata Proxy Runtime Information",
"type": "object"
}
SegmentStatistics (type)
{
"additionalProperties": false,
"description": "Segment statistics on specific Enforcement Point.",
"extends": {
"$ref": "LogicalSwitchStatistics
},
"id": "SegmentStatistics",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"dropped_by_security_packets": {
"$ref": "PacketsDroppedBySecurity,
"readonly": true,
"required": false
},
"last_update_timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the data was last updated; unset if data source has never updated the data.",
"readonly": true
},
"logical_switch_id": {
"readonly": true,
"required": true,
"title": "The id of the logical Switch",
"type": "string"
},
"mac_learning": {
"$ref": "MacLearningCounters,
"readonly": true,
"required": false
},
"rx_bytes": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"rx_packets": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"tx_bytes": {
"$ref": "DataCounter,
"readonly": true,
"required": false
},
"tx_packets": {
"$ref": "DataCounter,
"readonly": true,
"required": false
}
},
"title": "Segment statistics on specific Enforcement Point",
"type": "object"
}
SegmentSubnet (type)
{
"additionalProperties": false,
"id": "SegmentSubnet",
"module_id": "PolicyConnectivity",
"properties": {
"dhcp_config": {
"$ref": "SegmentDhcpConfig,
"description": "Additional DHCP configuration for current subnet.",
"required": false,
"title": "Additional DHCP configuration"
},
"dhcp_ranges": {
"description": "DHCP address ranges are used for dynamic IP allocation. Supports address range and CIDR formats. First valid host address from the first value is assigned to DHCP server IP address. Existing values cannot be deleted or modified, but additional DHCP ranges can be added.",
"items": {
"$ref": "IPElement
},
"maxItems": 99,
"minItems": 1,
"required": false,
"title": "DHCP address ranges for dynamic IP allocation",
"type": "array"
},
"gateway_address": {
"description": "Gateway IP address in CIDR format for both IPv4 and IPv6.",
"format": "ip-cidr-block",
"title": "Gateway IP address.",
"type": "string"
},
"network": {
"description": "Network CIDR for this subnet calculated from gateway_addresses and prefix_len.",
"readonly": true,
"title": "Network CIDR for subnet",
"type": "string"
}
},
"title": "Subnet configuration for segment",
"type": "object"
}
SelectableResourceReference (type)
{
"extends": {
"$ref": "ResourceReference
},
"id": "SelectableResourceReference",
"module_id": "ClusterRestore",
"properties": {
"is_valid": {
"description": "Will be set to false if the referenced NSX resource has been deleted.",
"readonly": true,
"required": false,
"title": "Target validity",
"type": "boolean"
},
"selected": {
"required": true,
"title": "Set to true if this resource has been selected to be acted upon",
"type": "boolean"
},
"target_display_name": {
"description": "Display name of the NSX resource.",
"maxLength": 255,
"readonly": true,
"required": false,
"title": "Target display name",
"type": "string"
},
"target_id": {
"description": "Identifier of the NSX resource.",
"maxLength": 64,
"readonly": false,
"required": false,
"title": "Target ID",
"type": "string"
},
"target_type": {
"description": "Type of the NSX resource.",
"maxLength": 255,
"readonly": false,
"required": false,
"title": "Target type",
"type": "string"
}
},
"title": "Resources to take action on",
"type": "object"
}
SelfResourceLink (type)
{
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"extends": {
"$ref": "ResourceLink
},
"id": "SelfResourceLink",
"module_id": "Common",
"properties": {
"action": {
"readonly": true,
"title": "Optional action",
"type": "string"
},
"href": {
"readonly": true,
"required": true,
"title": "Link to resource",
"type": "string"
},
"rel": {
"description": "Custom relation type (follows RFC 5988 where appropriate definitions exist)",
"readonly": true,
"required": true,
"title": "Link relation type",
"type": "string"
}
},
"title": "Link to this resource",
"type": "object"
}
SelfSignedActionParameter (type)
{
"additionalProperties": false,
"id": "SelfSignedActionParameter",
"module_id": "CertificateManager",
"properties": {
"days_valid": {
"default": 825,
"maximum": 10000,
"minimum": 1,
"required": true,
"title": "Number of days the certificate will be valid, default 825 days",
"type": "integer"
}
},
"type": "object"
}
Service (type)
{
"description": "Used while defining a CommunicationEntry. A service may have multiple service entries.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Service",
"module_id": "Policy",
"policy_hierarchical_children": [
"ChildServiceEntry"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_default": {
"default": false,
"description": "The flag, if true, indicates that service is created in the system by default. Such default services can't be modified/deleted.",
"readonly": true,
"title": "Flag for default services",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"service_entries": {
"items": {
"$ref": "ServiceEntry
},
"title": "Service type",
"type": "array"
},
"service_type": {
"title": "Type of service, EITHER or NON_ETHER",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Contains the information related to a service",
"type": "object"
}
ServiceEntry (type)
{
"abstract": true,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ServiceEntry",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"enum": [
"IPProtocolServiceEntry",
"IGMPTypeServiceEntry",
"ICMPTypeServiceEntry",
"ALGTypeServiceEntry",
"L4PortSetServiceEntry",
"EtherTypeServiceEntry",
"NestedServiceServiceEntry"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "A Service entry that describes traffic",
"type": "object"
}
ServiceEntryListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "ServiceEntryListRequestParameters",
"module_id": "Policy",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Service entry list request parameters",
"type": "object"
}
ServiceEntryListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ServiceEntryListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ServiceEntry
},
"required": true,
"title": "Service entry list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Service entries",
"type": "object"
}
ServiceInstanceEndpoint (type)
{
"additionalProperties": false,
"description": "A ServiceInstanceEndpoint belongs to one ByodPolicyServiceInstance and is attached to one ServiceInterface. A ServiceInstanceEndpoint represents a redirection target for a RedirectionPolicy.",
"extends": {
"$ref": "BaseEndpoint
},
"id": "ServiceInstanceEndpoint",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "ServiceInstanceEndpoint"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"enum": [
"VirtualEndpoint",
"ServiceInstanceEndpoint"
],
"required": true,
"type": "string"
},
"service_interface_path": {
"description": "Path of Service Interface to which this ServiceInstanceEndpoint is connected.",
"readonly": false,
"required": true,
"title": "Service Interface path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ServiceInstanceEndpoint"
],
"relationshipType": "SERVICE_INSTANCE_ENDPOINT_SERVICE_INTERFACE_RELATIONSHIP",
"rightType": [
"ServiceInterface"
]
}
]
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"target_ips": {
"description": "IPs where either inbound or outbound traffic is to be redirected.",
"items": {
"$ref": "IPInfo
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "IP addresses to redirect the traffic to",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Service EndPoint for Byod Policy Service Instance",
"type": "object"
}
ServiceInterface (type)
{
"additionalProperties": false,
"description": "Service interface configuration for internal connectivity.",
"extends": {
"$ref": "BaseTier0Interface
},
"id": "ServiceInterface",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"dhcp_relay_path": {
"description": "Policy path of dhcp-relay-config to be attached to this Interface.",
"required": false,
"title": "policy path of referenced dhcp-relay-config",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier0Interface",
"Tier1Interface"
],
"relationshipType": "DHCP_RELAY_CONFIG_RELATIONSHIP",
"rightType": [
"DhcpRelayConfig"
]
}
]
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"subnets": {
"description": "Specify IP address and network prefix for interface.",
"items": {
"$ref": "InterfaceSubnet
},
"minItems": 1,
"required": true,
"title": "IP address and subnet specification for interface",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Service interface configuration",
"type": "object"
}
ServiceInterfaceListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ServiceInterfaceListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "ServiceInterface
},
"required": true,
"title": "Service Interface list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Service Interfaces",
"type": "object"
}
ServiceListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "ServiceListRequestParameters",
"module_id": "Policy",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"default_service": {
"description": "If set to true, then it will display only default services. If set to false, then it will display all user defined services. If it is not provided, then complete (default as well as user defined) list of services will be displayed.",
"title": "Fetch all default services",
"type": "boolean"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Service list request parameters",
"type": "object"
}
ServiceListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "ServiceListResult",
"module_id": "Policy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Service
},
"required": true,
"title": "Service list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Services",
"type": "object"
}
ServiceReference (type)
{
"description": "An anchor object representing the intent to consume a given 3rd party service.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ServiceReference",
"module_id": "PolicyServiceInsertion",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "A Service's operational state can be enabled or disabled. Note that would work only for NetX type of services and would not work for Guest Introsp- ection type of Services. TRUE - The Service should be enabled FALSE - The Service should be disabled",
"readonly": false,
"required": false,
"title": "Operational state of the Service.",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"partner_service_name": {
"description": "Unique name of Partner Service to be consumed for redirection.",
"required": true,
"title": "Name of Partner Service",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "An anchor object representing the intent to consume a given 3rd party service.",
"type": "object"
}
ServiceSegment (type)
{
"additionalProperties": false,
"description": "Service Segment configuration to attach Service Insertion VM.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ServiceSegment",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"lr_paths": {
"description": "Policy paths of logical routers or ports | to which this Service Segment can be connected.",
"items": {
"type": "string"
},
"required": false,
"title": "Policy paths of logical routers",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ServiceSegment"
],
"relationshipType": "SERVICE_SEGMENT_TO_LR_RELATIONSHIP",
"rightType": [
"Tier1",
"Tier0"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transport_zone_path": {
"description": "Policy path to transport zone. Only overlay transport zone is supported.",
"required": true,
"title": "Policy path to the transport zone",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ServiceSegment"
],
"relationshipType": "SERVICE_SEGMENT_TO_TRANSPORT_ZONE_RELATIONSHIP",
"rightType": [
"PolicyTransportZone"
]
}
]
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Service Segment configuration",
"type": "object"
}
ServiceType (type)
{
"enum": [
"MGMT_CLUSTER",
"MGMT_PLANE",
"API",
"NOTIFICATION_COLLECTOR",
"SYSLOG_SERVER",
"RSYSLOG_CLIENT",
"APH",
"GLOBAL_MANAGER",
"LOCAL_MANAGER",
"CLIENT_AUTH",
"RMQ",
"K8S_MSG_CLIENT",
"WEB_PROXY"
],
"id": "ServiceType",
"module_id": "CertificateManager",
"title": "Supported service types, that are using certificates.",
"type": "string"
}
SessionTimerProfileBindingListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "SessionTimerProfileBindingListResult",
"module_id": "PolicyProfile",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "SessionTimerProfileBindingMap
},
"required": true,
"title": "Session timer profile binding maps list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of session timer profile binding maps",
"type": "object"
}
SessionTimerProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between Session Timer profile and Logical Routers.",
"extends": {
"$ref": "ProfileBindingMap
},
"id": "SessionTimerProfileBindingMap",
"module_id": "PolicyProfile",
"polymorphic-type-descriptor": {
"type-identifier": "SessionTimerProfileBindingMap"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profile_path": {
"description": "PolicyPath of associated Profile",
"required": true,
"title": "Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GroupDiscoveryProfileBindingMap"
],
"relationshipType": "GROUP_BINDINGMAP_IPDISCOVERY_PROFILE_RELATIONSHIP",
"rightType": [
"IPDiscoveryProfile"
]
},
{
"leftType": [
"PolicyFirewallFloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"FloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"PolicyFirewallCPUMemThresholdsProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FirewallCPUMemoryThresholdsProfile"
]
},
{
"leftType": [
"SessionTimerProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyFirewallSessionTimerProfile"
]
},
{
"leftType": [
"DnsSecurityProfileBindingMap"
],
"relationshipType": "DNS_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"DnsSecurityProfile"
]
},
{
"leftType": [
"GeneralSecurityProfileBindingMap"
],
"relationshipType": "GATEWAY_GENERAL_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"GeneralSecurityProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy Session Timer Profile binding map",
"type": "object"
}
SetFields (type)
{
"additionalProperties": false,
"description": "Set Fields is an action to set fields of the source event.",
"extends": {
"$ref": "Action
},
"id": "SetFields",
"module_id": "PolicyReaction",
"polymorphic-type-descriptor": {
"type-identifier": "SetFields"
},
"properties": {
"field_settings": {
"description": "Field Settings.",
"items": {
"$ref": "FieldSetting
},
"minItems": 1,
"title": "Field Settings",
"type": "array"
},
"resource_type": {
"description": "Reaction Action resource type.",
"enum": [
"PatchResources",
"SetFields"
],
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "Set Fields",
"type": "object"
}
SetInterSiteAphCertificateRequest (type)
{
"additionalProperties": false,
"id": "SetInterSiteAphCertificateRequest",
"module_id": "CertificateManager",
"properties": {
"cert_id": {
"description": "ID of the certificate that is already imported.",
"readonly": true,
"required": true,
"title": "Certificate ID",
"type": "string"
},
"used_by_id": {
"description": "ID of the node that this certificate is used on.",
"readonly": true,
"required": true,
"title": "Node ID",
"type": "string"
}
},
"title": "Data for setting Appliance Proxy certificate for inter-site communication",
"type": "object"
}
SetPrincipalIdentityCertificateForFederationRequest (type)
{
"additionalProperties": false,
"id": "SetPrincipalIdentityCertificateForFederationRequest",
"module_id": "CertificateManager",
"properties": {
"cert_id": {
"description": "Id of the certificate",
"readonly": true,
"required": true,
"type": "string"
},
"service_type": {
"$ref": "PIServiceType,
"description": "Service type for which the certificate should be used.",
"readonly": true,
"required": true
}
},
"title": "Data for setting a principal identity certificate",
"type": "object"
}
SftpProtocol (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Protocol
},
"id": "SftpProtocol",
"polymorphic-type-descriptor": {
"type-identifier": "sftp"
},
"properties": {
"authentication_scheme": {
"$ref": "PasswordAuthenticationScheme,
"required": true,
"title": "Scheme to authenticate if required"
},
"name": {
"enum": [
"http",
"https",
"scp",
"sftp"
],
"required": true,
"title": "Protocol name",
"type": "string"
},
"ssh_fingerprint": {
"required": true,
"title": "SSH fingerprint of server",
"type": "string"
}
},
"type": "object"
}
ShaDynamicPlugin (type)
{
"additionalProperties": false,
"description": "Define a kind of dynamic Sha plugin.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ShaDynamicPlugin",
"module_id": "PolicySha",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"applied_to_group_path": {
"description": "The Policy group path to apply the changes on Sha Plugin. It can be pre-defined plugin or dynamic created plugin.",
"title": "Binding Policy group path",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_plugin_uploaded": {
"description": "Flag to show the dynamic plugin zip file is uploaded.",
"readonly": true,
"title": "Flag to show the dynamic plugin status",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Sha dynamic Plugin",
"type": "object"
}
ShaDynamicPluginProfile (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ShaPluginProfile
},
"id": "ShaDynamicPluginProfile",
"module_id": "PolicySha",
"polymorphic-type-descriptor": {
"type-identifier": "DynamicPlugin"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"applied_to_group_path": {
"description": "The Policy group path to apply the changes on Sha Plugin. It can be pre-defined plugin or dynamic created plugin.",
"required": false,
"title": "Binding Policy group path",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"config": {
"description": "Define the plugin configurtion.",
"required": true,
"title": "Plugin configuration",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"description": "The on-off switch of System Health Plugin",
"required": true,
"title": "Plugin Enablement Flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"plugin_path": {
"description": "The policy path of Sha Plugin. It can be pre-defined plugin or dynamic created plugin.",
"required": true,
"title": "Plugin path",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"$ref": "ShaPluginType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Dynamic created plugin profile",
"type": "object"
}
ShaPluginProfile (type)
{
"abstract": true,
"additionalProperties": false,
"description": "The ShaPluginProfile is the base class for System Health plugin profile",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ShaPluginProfile",
"module_id": "PolicySha",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"applied_to_group_path": {
"description": "The Policy group path to apply the changes on Sha Plugin. It can be pre-defined plugin or dynamic created plugin.",
"required": false,
"title": "Binding Policy group path",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"description": "The on-off switch of System Health Plugin",
"required": true,
"title": "Plugin Enablement Flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"plugin_path": {
"description": "The policy path of Sha Plugin. It can be pre-defined plugin or dynamic created plugin.",
"required": true,
"title": "Plugin path",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"$ref": "ShaPluginType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Abstract base type for System Health plugin profil of different types",
"type": "object"
}
ShaPluginType (type)
{
"enum": [
"PredefinedPlugin",
"DynamicPlugin"
],
"id": "ShaPluginType",
"module_id": "PolicySha",
"title": "Valid System Health plugin types",
"type": "string"
}
ShaPredefinedPlugin (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "ShaPredefinedPlugin",
"module_id": "PolicySha",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"config": {
"$ref": "ShaPredefinedPluginProfileData,
"description": "Define the plugin configurtion detail.",
"readonly": true,
"title": "Plugin configuration"
},
"delay_on_reboot": {
"description": "The corresponding plugin will wait for config seconds after reboot.",
"readonly": true,
"title": "The delay after reboot",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"description": "The on-off switch of Sha plugin",
"readonly": true,
"title": "Profile Enablement Flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pre_req_conditions": {
"description": "Display the pre-req conditions to run the predefined plugin.",
"items": {
"$ref": "PreReqCondition
},
"readonly": true,
"title": "The pre-req conditions",
"type": "array"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"supported_node_types": {
"description": "Display the running node types of predefined plugin.",
"items": {
"$ref": "NsxtNodeType
},
"readonly": true,
"title": "The supported node types",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "System pre-defined plugin config",
"type": "object"
}
ShaPredefinedPluginProfile (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ShaPluginProfile
},
"id": "ShaPredefinedPluginProfile",
"module_id": "PolicySha",
"polymorphic-type-descriptor": {
"type-identifier": "PredefinedPlugin"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"applied_to_group_path": {
"description": "The Policy group path to apply the changes on Sha Plugin. It can be pre-defined plugin or dynamic created plugin.",
"required": false,
"title": "Binding Policy group path",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"config": {
"$ref": "ShaPredefinedPluginProfileData,
"description": "Define the plugin configurtion.",
"required": true,
"title": "Plugin configuration"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"description": "The on-off switch of System Health Plugin",
"required": true,
"title": "Plugin Enablement Flag",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"plugin_path": {
"description": "The policy path of Sha Plugin. It can be pre-defined plugin or dynamic created plugin.",
"required": true,
"title": "Plugin path",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"$ref": "ShaPluginType,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "System predefined plugin profile",
"type": "object"
}
ShaPredefinedPluginProfileData (type)
{
"additionalProperties": false,
"description": "Describes a config item for System Health profile.",
"id": "ShaPredefinedPluginProfileData",
"module_id": "PolicySha",
"properties": {
"check_interval": {
"description": "The interval of plugin to check the status.",
"title": "The check interval",
"type": "integer"
},
"report_interval": {
"description": "The interval of plugin to report the status.",
"title": "The report interval",
"type": "integer"
},
"smallest_report_interval_if_change": {
"description": "The smallest report interval if the status is changed. The value of smallest_report_interval_if_change should be less than the value of report_interval",
"title": "The smallest report interval",
"type": "integer"
}
},
"title": "System Health Plugin Config Item",
"type": "object"
}
Site (type)
{
"additionalProperties": false,
"description": "Site represents an NSX deployment having its own set of NSX clusters and transport nodes. It may correspond to a Data Center, VMC deployment, or NSX-Cloud deployment managed via CSM.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Site",
"module_id": "PolicyEnforcementPointManagement",
"policy_hierarchical_children": [
"ChildEnforcementPoint"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"fail_if_rtep_misconfigured": {
"default": true,
"description": "Both the local site and the remote site must have edge clusters correctly configured and remote tunnel endpoint (RTEP) interfaces must be defined, or onboarding will fail.",
"title": "Fail onboarding if RTEPs misconfigured",
"type": "boolean"
},
"fail_if_rtt_exceeded": {
"default": true,
"description": "Fail onboarding if maximum RTT exceeded.",
"title": "Fail onboarding if maximum RTT exceeded",
"type": "boolean"
},
"federation_config": {
"$ref": "GmFederationSiteConfig,
"description": "System managed federation config.",
"readonly": true,
"title": "Federation releated config"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"maximum_rtt": {
"default": 250,
"description": "If provided and fail_if_rtt_exceeded is true, onboarding of the site will fail if measured RTT is greater than this value.",
"maximum": 1000,
"minimum": 0,
"title": "Maximum acceptable packet round trip time (RTT)",
"type": "integer"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"site_connection_info": {
"description": "To onboard a site, the connection information (username, password, and API thumbprint) for at least one NSX manager node in the remote site must be provided. Once the site has been successfully onboarded, the site_connection_info is discarded and authentication to the remote site occurs using an X.509 client certificate.",
"items": {
"$ref": "SiteNodeConnectionInfo
},
"maxItems": 3,
"title": "Connection information",
"type": "array"
},
"site_number": {
"readonly": true,
"title": "12-bit system generated site number",
"type": "integer"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Site",
"type": "object"
}
SiteActionParameters (type)
{
"additionalProperties": false,
"description": "If force=true then site will be deleted even if not reachable. NOTE - Use this with caution as Global Manager will go ahead and offboard the site forcefully.",
"id": "SiteActionParameters",
"module_id": "PolicySiteGM",
"properties": {
"force": {
"required": false,
"type": "boolean"
}
},
"title": "Paramters for Site delete operation",
"type": "object"
}
SiteAllocationIndexForEdge (type)
{
"additionalProperties": false,
"description": "Index for cross site allocation for edge cluster and its members referred by gateway.",
"id": "SiteAllocationIndexForEdge",
"module_id": "PolicyConnectivity",
"properties": {
"index": {
"description": "Unqiue edge cluster node index across sites based on stretch of the Gateway. For example, if a Gateway is streched to sites S1 with one edge cluster of 3 nodes and site S2 with one edge cluster of 2 nodes, the in the Global Manager will allocate the index for 5 edge nodes and 2 cluster in the rage 0 to 7.",
"readonly": true,
"title": "Unique index across sites for gateway span",
"type": "integer"
},
"target_resource_path": {
"readonly": true,
"title": "Edge cluster or edge node path",
"type": "string"
}
},
"title": "Allocation index for edge\n",
"type": "object"
}
SiteCleanupPending (type)
{
"additionalProperties": false,
"description": "SiteCleanupPending contains information about the resource cleanup from sites.",
"id": "SiteCleanupPending",
"module_id": "GmSiteCleanupPending",
"properties": {
"marked_for_delete": {
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted.",
"readonly": true,
"title": "Indicates whether the resource is marked for deletion",
"type": "boolean"
},
"pending_sites": {
"description": "List of SpanSiteInfos representing the strech of the entity.",
"items": {
"$ref": "SpanSiteInfo
},
"readonly": true,
"title": "List of SpanSiteInfos",
"type": "array"
},
"resource_path": {
"description": "Policy resource which is either marked for delete or in process of deletion from site.",
"readonly": true,
"title": "Policy path of an resource.",
"type": "string"
}
},
"title": "Details for cleanup of resource.",
"type": "object"
}
SiteCleanupPendingListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "SiteCleanupPendingListRequestParameters",
"module_id": "GmSiteCleanupPending",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"intent_path": {
"description": "String Path of a resource. Can pass multiple values.",
"required": false,
"title": "String Path of a resource.",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "SiteCleanupPending list request parameters",
"type": "object"
}
SiteCleanupPendingListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "SiteCleanupPendingListResult",
"module_id": "GmSiteCleanupPending",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "SiteCleanupPending
},
"readonly": true,
"title": "SiteCleanupPending list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of SiteCleanupPending",
"type": "object"
}
SiteCompatibilityInfo (type)
{
"id": "SiteCompatibilityInfo",
"module_id": "SiteManagerModule",
"properties": {
"compatibility_list": {
"items": {
"type": "string"
},
"title": "Compatibility list",
"type": "array"
},
"site_version": {
"title": "Site version",
"type": "string"
}
},
"type": "object"
}
SiteFederationConfig (type)
{
"additionalProperties": false,
"description": "Site fedeation configuration.",
"id": "SiteFederationConfig",
"module_id": "PolicySiteGM",
"properties": {
"rtep_ips": {
"items": {
"$ref": "IPAddress
},
"readonly": true,
"title": "Remote tunnel endpoint IP addresses",
"type": "array"
},
"site_id": {
"readonly": true,
"title": "Site UUID",
"type": "string"
},
"site_index": {
"readonly": true,
"title": "Unique site index allocated (from range 0-4095)",
"type": "integer"
},
"site_path": {
"readonly": true,
"title": "Site path",
"type": "string"
}
},
"title": "Site fedeation configuration",
"type": "object"
}
SiteListRequestParameters (type)
{
"additionalProperties": false,
"description": "Site list request parameters.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "SiteListRequestParameters",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Site List Request Parameters",
"type": "object"
}
SiteListResult (type)
{
"additionalProperties": false,
"description": "Paged Collection of Sites.",
"extends": {
"$ref": "ListResult
},
"id": "SiteListResult",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Site list result.",
"items": {
"$ref": "Site
},
"required": true,
"title": "Site List Result",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Sites",
"type": "object"
}
SiteNodeConnectionInfo (type)
{
"additionalProperties": false,
"description": "Credential info to connect to a node in the federated remote site.",
"id": "SiteNodeConnectionInfo",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"fqdn": {
"description": "Please specify the fqdn of the Management Node of your site.",
"required": true,
"title": "Fully Qualified Domain Name of the Management Node",
"type": "string"
},
"password": {
"description": "Password to connect to Site's Local Manager.",
"sensitive": true,
"title": "Password",
"type": "string"
},
"thumbprint": {
"description": "Thumbprint of Site's Local Manager in the form of a SHA-256 hash represented in lower case HEX.",
"title": "Thumbprint of Enforcement Point",
"type": "string"
},
"username": {
"description": "Username to connect to Site's Local Manager.",
"title": "Username",
"type": "string"
}
},
"title": "Site Node Connection Info",
"type": "object"
}
SiteOnboardingPreference (type)
{
"additionalProperties": false,
"description": "User onboarding preference for site.",
"extends": {
"$ref": "ManagedResource
},
"id": "SiteOnboardingPreference",
"module_id": "GmConfigOnboarding",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ignore_import": {
"description": "Represents user's decision to ignore onboarding option for a site. User will not be shown onboarding message or will failing onboarding when ignore status is set to 'true'.",
"readonly": true,
"required": true,
"title": "Ignore Import Preference",
"type": "boolean"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"site_id": {
"description": "Unique site identifier.",
"readonly": true,
"required": false,
"title": "Site Identifier",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "User Onboarding Preference",
"type": "object"
}
SiteOverride (type)
{
"additionalProperties": false,
"description": "IPSecVPN site specific attributes specified only on GM. This allows user to specify site specific parameters which overrides the correspondig attributes in the IPSecVpnSession Object.",
"id": "SiteOverride",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"local_endpoint_path": {
"description": "Policy path referencing Local endpoint.",
"required": true,
"title": "Local endpoint path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"IpSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_LOCAL_ENDPOINT_RELATIONSHIP",
"rightType": [
"IPSecVpnLocalEndpoint"
]
}
]
},
"locale_service_path": {
"description": "Policy path referencing LocateService where SiteOverride attributes will be applied",
"required": true,
"title": "Locale service policy path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"IpSecVpnSession"
],
"relationshipType": "IPSEC_VPN_SESSION_LOCALE_SERVICE_RELATIONSHIP",
"rightType": [
"LocaleServices"
]
}
]
},
"peer_address": {
"description": "Public IPV4 address of the remote device terminating the VPN connection.",
"required": true,
"title": "IPV4 address of peer endpoint on remote site",
"type": "string"
},
"peer_id": {
"description": "Peer ID to uniquely identify the peer site. The peer ID is the public IP address of the remote device terminating the VPN tunnel. When NAT is configured for the peer, enter the private IP address of the peer.",
"required": true,
"title": "Peer id",
"type": "string"
},
"tunnel_interfaces": {
"description": "IP Tunnel interfaces. This property is mandatory for RouteBasedIpSecVpn session.",
"items": {
"$ref": "IPSecVpnTunnelInterface
},
"maxItems": 1,
"minItems": 1,
"required": false,
"title": "IP Tunnel interfaces",
"type": "array"
}
},
"title": "IPSecVpn Site Override Parameters",
"type": "object"
}
SiteRequestParameter (type)
{
"description": "User can get flow details from the Site where API invoked to a given Site by specifying the Site policy path.",
"id": "SiteRequestParameter",
"module_id": "FederationObservability",
"properties": {
"site_path": {
"required": false,
"title": "Policy path of the Site object",
"type": "string"
}
},
"title": "Request parameter to get flow to a given Site",
"type": "object"
}
SiteStatus (type)
{
"id": "SiteStatus",
"module_id": "SiteManagerModule",
"properties": {
"site_name": {
"required": true,
"title": "Site name",
"type": "string"
},
"stubs": {
"items": {
"$ref": "StubStatus
},
"title": "Connection status",
"type": "array"
}
},
"type": "object"
}
SnmpServiceProperties (type)
{
"additionalProperties": false,
"id": "SnmpServiceProperties",
"module_id": "CentralNodeConfig",
"properties": {
"communities": {
"items": {
"type": "string"
},
"maxItems": 1,
"required": false,
"title": "SNMP v1, v2c community strings",
"type": "array"
},
"start_on_boot": {
"required": true,
"title": "Start when system boots",
"type": "boolean"
},
"v2_configured": {
"readonly": true,
"title": "SNMP v2 is configured or not",
"type": "boolean"
},
"v3_auth_protocol": {
"default": "SHA1",
"enum": [
"SHA1"
],
"required": true,
"title": "SNMP v3 auth protocol",
"type": "string"
},
"v3_configured": {
"readonly": true,
"title": "SNMP v3 is configured or not",
"type": "boolean"
},
"v3_priv_protocol": {
"default": "AES128",
"enum": [
"AES128"
],
"required": true,
"title": "SNMP v3 private protocol",
"type": "string"
},
"v3_users": {
"description": "SNMP v3 users information",
"items": {
"$ref": "SnmpV3User
},
"maxItems": 1,
"title": "V3 users",
"type": "array"
}
},
"title": "SNMP Service properties",
"type": "object"
}
SnmpV3User (type)
{
"description": "SNMP v3 user properties",
"id": "SnmpV3User",
"module_id": "CentralNodeConfig",
"properties": {
"auth_password": {
"description": "SNMP v3 user auth password",
"required": false,
"sensitive": true,
"title": "Auth password",
"type": "string"
},
"priv_password": {
"description": "SNMP v3 user private password",
"required": false,
"sensitive": true,
"title": "Private password",
"type": "string"
},
"user_id": {
"description": "SNMP v3 user ID",
"required": true,
"title": "User ID",
"type": "string"
}
},
"title": "SNMP v3 user",
"type": "object"
}
Source (type)
{
"abstract": true,
"additionalProperties": false,
"description": "Source that is logically deemed to be the \"object\" upon which the Event in question initially occurred upon. The Source is responsible for providing information of the occurred event. Some example sources include: - Resource. - API.",
"id": "Source",
"module_id": "PolicyReaction",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"resource_type": {
"description": "Event Source resource type.",
"enum": [
"ResourceOperation",
"ApiRequestBody"
],
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "Event Source",
"type": "object"
}
SourceFieldEvaluation (type)
{
"additionalProperties": false,
"description": "Source Field Evaluation represents an evaluation on resource fields. A source field evaluation will be evaluated against an Event Source which is of type Resource Operation. For instance, the attribute constraint could be related to the necessity that one of the source fields equals one of the specified values.",
"extends": {
"$ref": "Evaluation
},
"id": "SourceFieldEvaluation",
"module_id": "PolicyReaction",
"polymorphic-type-descriptor": {
"type-identifier": "SourceFieldEvaluation"
},
"properties": {
"expected": {
"description": "Expected values necessary to apply the specified operation on the source field value.",
"items": {
"type": "string"
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "Operator Arguments",
"type": "array"
},
"field_pointer": {
"description": "Field in the form of a pointer, describing the location of the attribute within the source of the event.",
"required": true,
"title": "Field Pointer",
"type": "string"
},
"operator": {
"description": "Logical operator.",
"enum": [
"EQ",
"NOT_EQ"
],
"required": true,
"title": "Logical Operator",
"type": "string"
},
"resource_type": {
"description": "Criterion Evaluation resource type.",
"enum": [
"SourceFieldEvaluation"
],
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "Source Field Evaluation",
"type": "object"
}
SourceIpPersistencePurge (type)
{
"additionalProperties": false,
"description": "If the persistence table is full and a new connection without a matching persistence entry is received, then by default(FULL) oldest persistence entries are purged from the table to make space for new entries. Each time purging gets triggered, a small percentage of the entries are purged. If purging is disabled(NO_PURGE) and a new incoming connection requires a persistence entry to be created, then that connection is rejected even though backend servers are available.",
"enum": [
"NO_PURGE",
"FULL"
],
"id": "SourceIpPersistencePurge",
"module_id": "LoadBalancer",
"title": "source ip persistence purge setting",
"type": "string"
}
SpacerWidgetConfiguration (type)
{
"additionalProperties": false,
"description": "Represents configuration for spacer widget. For this widget the data source is not applicable. This widget can be use to add the space inside the dashboard container.",
"extends": {
"$ref": "WidgetConfiguration
},
"id": "SpacerWidgetConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "SpacerWidgetConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"feature_set": {
"$ref": "FeatureSet,
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"legend": {
"$ref": "Legend,
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
}
},
"title": "Spacer widget Configuration",
"type": "object"
}
Span (type)
{
"additionalProperties": false,
"description": "Represents the strech information for a federated entity available only on local manager.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Span",
"module_id": "PolicySitesSpan",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"sites": {
"description": "List of SpanSiteInfos representing the strech of the entity.",
"items": {
"$ref": "SpanSiteInfo
},
"readonly": true,
"title": "List of SpanSiteInfos",
"type": "array"
},
"span_leader": {
"description": "Represents Policy resource type streached entity's span leader.",
"readonly": true,
"title": "Policy resource type of span leader",
"type": "string"
},
"span_resource": {
"description": "Represents Policy resource path of streached entity.",
"readonly": true,
"title": "Policy resource path",
"type": "string"
},
"span_resource_type": {
"description": "Policy resource type of the streached entity.",
"readonly": true,
"title": "Policy resource type",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Represents strech information for federated entity.",
"type": "object"
}
SpanSiteInfo (type)
{
"additionalProperties": false,
"description": "Represents the Site resource information for a Span entity including both the internal id as well as the site path.",
"id": "SpanSiteInfo",
"module_id": "PolicySitesSpan",
"properties": {
"site_id": {
"description": "Site UUID representing the Site resource",
"readonly": true,
"title": "Internal ID of the Site resource",
"type": "string"
},
"site_path": {
"description": "Path of the Site resource",
"readonly": true,
"title": "Path of the Site resource",
"type": "string"
}
},
"title": "Represents Site resource for Span entity.",
"type": "object"
}
SpoofGuardProfile (type)
{
"additionalProperties": false,
"description": "SpoofGuard is a tool that is designed to prevent virtual machines in your environment from sending traffic with IP addresses which are not authorized to send traffic from. A SpoofGuard policy profile once enabled blocks the traffic determined to be spoofed.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "SpoofGuardProfile",
"module_id": "PolicySpoofGuard",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"address_binding_allowlist": {
"default": false,
"description": "If true, enable the SpoofGuard, which only allows VM sending traffic with the IPs in the whitelist. This value cannot conflict with whitelist.",
"required": true,
"title": "Enable SpoofGuard",
"type": "boolean"
},
"address_binding_whitelist": {
"default": false,
"deprecated": true,
"description": "If true, enable the SpoofGuard, which only allows VM sending traffic with the IPs in the whitelist. This field is deprecated because it has offensive terminology. Please use address_binding_allowlist. This value cannot conflict with allow list.",
"required": true,
"title": "Enable SpoofGuard",
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"search_dsl_name": [
"spoof guard segment profile"
],
"title": "SpoofGuard Profile",
"type": "object"
}
SpoofGuardProfileListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "SpoofGuardProfileListRequestParameters",
"module_id": "PolicySpoofGuard",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "SpoofGuard profile request parameters",
"type": "object"
}
SpoofGuardProfileListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "SpoofGuardProfileListResult",
"module_id": "PolicySpoofGuard",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "SpoofGuardProfile
},
"required": true,
"title": "SpoofGuard profile list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of SpoofGuard profiles",
"type": "object"
}
SshKeyBaseProperties (type)
{
"additionalProperties": {},
"id": "SshKeyBaseProperties",
"properties": {
"label": {
"required": true,
"title": "SSH key label (used to identify the key)",
"type": "string"
},
"password": {
"required": false,
"sensitive": true,
"title": "Current password for user (required for users root and admin)",
"type": "string"
}
},
"type": "object"
}
SshKeyProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "SshKeyBaseProperties
},
"id": "SshKeyProperties",
"properties": {
"label": {
"required": true,
"title": "SSH key label (used to identify the key)",
"type": "string"
},
"password": {
"required": false,
"sensitive": true,
"title": "Current password for user (required for users root and admin)",
"type": "string"
},
"type": {
"pattern": "^(ecdsa-sha2-nistp256|ecdsa-sha2-nistp384|ecdsa-sha2-nistp521|ssh-dss|ssh-ed25519|ssh-rsa)$",
"required": true,
"title": "SSH key type",
"type": "string"
},
"value": {
"required": true,
"title": "SSH key value",
"type": "string"
}
},
"type": "object"
}
SshKeyPropertiesListResult (type)
{
"extends": {
"$ref": "ListResult
},
"id": "SshKeyPropertiesListResult",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "SshKeyProperties
},
"required": true,
"title": "SSH key properties query results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "SSH key properties query results",
"type": "object"
}
SshServiceProperties (type)
{
"additionalProperties": false,
"id": "SshServiceProperties",
"properties": {
"root_login": {
"title": "Permit SSH Root login",
"type": "boolean"
},
"start_on_boot": {
"required": true,
"title": "Start service when system boots",
"type": "boolean"
}
},
"title": "SSH Service properties",
"type": "object"
}
SslCipher (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"enum": [
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
"TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
"TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
"TLS_RSA_WITH_AES_256_CBC_SHA",
"TLS_RSA_WITH_AES_128_CBC_SHA",
"TLS_RSA_WITH_3DES_EDE_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
"TLS_RSA_WITH_AES_128_CBC_SHA256",
"TLS_RSA_WITH_AES_128_GCM_SHA256",
"TLS_RSA_WITH_AES_256_CBC_SHA256",
"TLS_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
"TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
"TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
"TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
"TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"
],
"id": "SslCipher",
"module_id": "LoadBalancer",
"title": "SSL cipher",
"type": "string"
}
SslCipherGroup (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"enum": [
"BALANCED",
"HIGH_SECURITY",
"HIGH_COMPATIBILITY",
"CUSTOM"
],
"id": "SslCipherGroup",
"module_id": "LoadBalancer",
"title": "SSL cipher group",
"type": "string"
}
SslProtocol (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"enum": [
"SSL_V2",
"SSL_V3",
"TLS_V1",
"TLS_V1_1",
"TLS_V1_2"
],
"id": "SslProtocol",
"module_id": "LoadBalancer",
"title": "SSL protocol",
"type": "string"
}
StageUpgradeRequestParameters (type)
{
"additionalProperties": false,
"description": "Parameters specified during upgrade staging request",
"id": "StageUpgradeRequestParameters",
"module_id": "Upgrade",
"properties": {
"component_type": {
"description": "Type of the component",
"readonly": false,
"required": false,
"title": "Component type",
"type": "string"
}
},
"title": "Stage upgrade request parameters",
"type": "object"
}
StandaloneHostIdfwConfiguration (type)
{
"additionalProperties": false,
"description": "Idfw configuration for enable/disable idfw on standalone hosts.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "StandaloneHostIdfwConfiguration",
"module_id": "PolicyFirewallConfiguration",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"idfw_enabled": {
"description": "If set to true, Idfw is enabled for standalone hosts",
"readonly": false,
"required": true,
"title": "Idfw enabled flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Standalone host idfw configuration",
"type": "object"
}
StatItem (type)
{
"additionalProperties": false,
"description": "Displayed as a single number. It can be used to show the characteristics of entities such as Logical Switches, Firewall Rules, and so on. For example, number of logical switches and their admin states.",
"id": "StatItem",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget.",
"title": "Id of drilldown widget",
"type": "string"
},
"tooltip": {
"description": "Multi-line text to be shown on tooltip while hovering over the stat.",
"items": {
"$ref": "Tooltip
},
"minItems": 0,
"title": "Multi-line tooltip",
"type": "array"
},
"total": {
"description": "If expression for total is specified, it evaluates it. Total can be omitted if not needed to be shown.",
"title": "Total",
"type": "string"
},
"value": {
"description": "Expression for stat to be displayed.",
"maxLength": 1024,
"required": true,
"title": "Stat",
"type": "string"
}
},
"title": "Statistic of an entity",
"type": "object"
}
StaticARPConfig (type)
{
"additionalProperties": false,
"description": "Contains Static ARP configuration for Segment.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "StaticARPConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_address": {
"$ref": "IPAddress,
"required": true,
"title": "IP Address"
},
"mac_address": {
"$ref": "MACAddress,
"required": true,
"title": "MAC Address"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Static ARP Config",
"type": "object"
}
StaticFilter (type)
{
"additionalProperties": false,
"id": "StaticFilter",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"additional_value": {
"description": "An additional key-value pair for static filter.",
"required": false,
"title": "An additional value for static filter",
"type": "object"
},
"display_name": {
"description": "display name to be shown in the drop down for static filter.",
"maxLength": 1024,
"title": "Display name for static filter",
"type": "string"
},
"short_display_name": {
"description": "Property value is shown in the drop down input box for a filter. If the value is not provided 'display_name' property value is used.",
"maxLength": 1024,
"title": "A property value to be shown once value is selected for a filter.",
"type": "string"
},
"value": {
"description": "Value of static filter inside dropdown filter.",
"title": "Value of static filter",
"type": "string"
}
},
"title": "Static filters",
"type": "object"
}
StaticMimeContent (type)
{
"additionalProperties": false,
"description": "MIME content with text message and image path in it.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "StaticMimeContent",
"module_id": "PolicyStaticMimeContent",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"text_message": {
"description": "text message.",
"required": true,
"title": "text message",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Static MIME content",
"type": "object"
}
StaticRouteBfdPeer (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "StaticRouteBfdPeer",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"bfd_profile_path": {
"description": "Bfd Profile is not supported for IPv6 networks.",
"title": "Policy path to Bfd Profile",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"StaticRouteBfdPeer"
],
"relationshipType": "BFD_CONFIG_BFD_PEER_RELATIONSHIP",
"rightType": [
"BfdProfile"
]
}
]
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"description": "Flag to enable BFD peer.",
"title": "Enable BFD Peer",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"peer_address": {
"description": "Only IPv4 addresses are supported. Only a single BFD config per peer address is allowed.",
"required": true,
"title": "IP Address of static route next hop peer",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"scope": {
"description": "Represents the array of policy paths of locale services where this BFD peer should get relalized on. The locale service service and this BFD peer must belong to the same router. Default scope is empty.",
"items": {
"type": "string"
},
"required": false,
"title": "Array of policy paths of locale services",
"type": "array"
},
"source_addresses": {
"description": "Array of Tier0 external interface IP addresses. BFD peering is established from all these source addresses to the neighbor specified in peer_address. Only IPv4 addresses are supported.",
"items": {
"type": "string"
},
"maxItems": 8,
"minItems": 0,
"title": "List of source IP addresses",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Static Route Bidirectional Forwarding Detection Peer",
"type": "object"
}
StaticRouteBfdPeerListResult (type)
{
"additionalProperties": false,
"description": "Paged collection of StaticRouteBfdPeer.",
"extends": {
"$ref": "ListResult
},
"id": "StaticRouteBfdPeerListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "StaticRouteBfdPeer list results.",
"items": {
"$ref": "StaticRouteBfdPeer
},
"required": true,
"title": "StaticRouteBfdPeer list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Colleciton of StaticRouteBfdPeer",
"type": "object"
}
StaticRoutes (type)
{
"additionalProperties": false,
"description": "Static routes configuration on Tier-0 or Tier-1.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "StaticRoutes",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled_on_secondary": {
"default": false,
"description": "When false or by default northbound routes are configured only on the primary location and not on secondary location. When true, the static route will also be configured on a secondary location. Secondary location prefers route learned from the primary location and enabling this flag secondary location can override this. This flag is not applicable if all sites are primary.",
"title": "Flag to plumb route on secondary site",
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"network": {
"$ref": "IPElement,
"description": "Specify network address in CIDR format.",
"required": true,
"title": "Network address in CIDR format"
},
"next_hops": {
"description": "Specify next hop routes for network.",
"items": {
"$ref": "RouterNexthop
},
"minItems": 1,
"required": true,
"title": "Next hop routes for network",
"type": "array"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Static routes configuration on Tier-0 or on Tier-1",
"type": "object"
}
StaticRoutesListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "StaticRoutesListRequestParameters",
"module_id": "PolicyConnectivity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Static Routes list request parameters",
"type": "object"
}
StaticRoutesListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "StaticRoutesListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "StaticRoutes
},
"required": true,
"title": "Static Routes list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Static Routes",
"type": "object"
}
StatisticsRequestParameters (type)
{
"description": "Request parameters that represents an enforcement point path. A request on statistics can be parameterized with this path and will be evaluated as follows: - no enforcement point path specified: the request is evaluated on all enforcement points. - {enforcement_point_path}: the request is evaluated only on the given enforcement point. - {container_cluster_path}: The request is evaluated only on the given container cluster.",
"id": "StatisticsRequestParameters",
"module_id": "PolicyBaseStatistics",
"properties": {
"container_cluster_path": {
"description": "Path to the container cluster entity where the request will be executed.",
"required": false,
"title": "String Path of the Container Cluster entity",
"type": "string"
},
"enforcement_point_path": {
"description": "enforcement point path, forward slashes must be escaped using %2F.",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
}
},
"title": "Statistics Request Parameters",
"type": "object"
}
StatsConfiguration (type)
{
"additionalProperties": false,
"description": "Represents configuration of a statistic for an entity. Example, number of logical switches and their admin states.",
"extends": {
"$ref": "WidgetConfiguration
},
"id": "StatsConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "StatsConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"feature_set": {
"$ref": "FeatureSet,
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"label": {
"$ref": "Label,
"description": "Displayed at the sections, by default. It labels the entities of sections. If label is not provided, the sections are not labelled.",
"title": "Label of the Stats Configuration"
},
"legend": {
"$ref": "Legend,
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"navigation": {
"description": "Hyperlink of the specified UI page that provides details.",
"maxLength": 1024,
"title": "Navigation to a specified UI page",
"type": "string"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"sections": {
"decription": "High level logical grouping of portions or segments.",
"items": {
"$ref": "DonutSection
},
"minItems": 0,
"title": "Sections",
"type": "array"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"stat": {
"$ref": "StatItem,
"description": "Expression that fetches statistic. It can be used to show the characteristics of entities such as Logical Switches, Firewall Rules, and so on. For example, number of logical switches and their admin states. If stat is not provided, then it will not be displayed.",
"title": "Expression for feching statistic of an entity"
},
"sub_type": {
"description": "A sub-type of StatsConfiguration. If sub-type is not specified the parent type is rendered. The COMPACT sub_type, conserves the space for the widget. The statistic is placed on the right side on top of the status bar and the title of the widget is placed on the left side on the top of the status bar. The COMPACT style aligns itself horizontally as per the width of the container. If multiple widgets are placed insided the container then the widgets are placed one below the other to conserve the space.",
"enum": [
"COMPACT"
],
"title": "Sub-type of the StatsConfiguration",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
}
},
"title": "Stats Configuration",
"type": "object"
}
StatusSummaryRequestParameters (type)
{
"additionalProperties": false,
"id": "StatusSummaryRequestParameters",
"module_id": "Upgrade",
"properties": {
"component_type": {
"readonly": false,
"required": false,
"title": "Component type based on which upgrade units to be filtered",
"type": "string"
},
"selection_status": {
"default": "ALL",
"enum": [
"SELECTED",
"DESELECTED",
"ALL"
],
"required": false,
"title": "Flag to indicate whether to return status for only selected, only deselected or both type of upgrade units",
"type": "string"
},
"show_history": {
"description": "Get details of the last 16 operations performed during the upgrade of a given component.",
"readonly": false,
"required": false,
"title": "Get upgrade activity for a given component",
"type": "boolean"
}
},
"type": "object"
}
StringArrayConstraintValue (type)
{
"additionalProperties": false,
"description": "List of String values",
"extends": {
"$ref": "ConstraintValue
},
"id": "StringArrayConstraintValue",
"module_id": "PolicyConstraints",
"polymorphic-type-descriptor": {
"type-identifier": "StringArrayConstraintValue"
},
"properties": {
"resource_type": {
"enum": [
"StringArrayConstraintValue",
"CidrArrayConstraintValue",
"IntegerArrayConstraintValue"
],
"required": true,
"type": "string"
},
"values": {
"description": "Array of string values",
"items": {
"type": "string"
},
"maxItems": 100,
"minItems": 1,
"required": true,
"title": "Array of String",
"type": "array"
}
},
"title": "Array of String Values to perform operation",
"type": "object"
}
StubStatus (type)
{
"id": "StubStatus",
"module_id": "SiteManagerModule",
"properties": {
"address": {
"title": "IP/FQDN of the node",
"type": "string"
},
"connection_up": {
"required": true,
"title": "Is stub up",
"type": "boolean"
}
},
"type": "object"
}
SubjectAltNames (type)
{
"additionalProperties": false,
"id": "SubjectAltNames",
"module_id": "CertificateManager",
"properties": {
"dns_names": {
"description": "A list of DNS names in subject alternative names",
"items": {
"$ref": "DnsNameString
},
"maxItems": 128,
"minItems": 1,
"readonly": true,
"required": false,
"title": "DNS names",
"type": "array"
},
"ip_addresses": {
"description": "A list of IP addresses in subject alternative names",
"items": {
"oneOf": [
{
"format": "ipv4"
},
{
"format": "ipv6"
}
],
"type": "string"
},
"maxItems": 64,
"minItems": 1,
"readonly": true,
"required": false,
"title": "IP Addresses",
"type": "array"
}
},
"title": "A collection of subject alternative names",
"type": "object"
}
SubjectPublicKeyHash (type)
{
"additionalProperties": false,
"id": "SubjectPublicKeyHash",
"module_id": "CertificateManager",
"properties": {
"public_key_sha256_hashes": {
"description": "List of SHA256 hashes of the Public Key of the revoked certificates with the specified subject.",
"items": {
"type": "string"
},
"title": "SHA256 hashes of Public Keys",
"type": "array"
},
"subject": {
"description": "Subject Distinguished Name of the revoked certificates.",
"title": "Subject Distinguished Name (DN)",
"type": "string"
}
},
"type": "object"
}
SuccessNodeSupportBundleResult (type)
{
"additionalProperties": false,
"id": "SuccessNodeSupportBundleResult",
"properties": {
"bundle_name": {
"readonly": true,
"required": true,
"title": "Name of support bundle, e.g. nsx_NODETYPE_UUID_YYYYMMDD_HHMMSS.tgz",
"type": "string"
},
"bundle_size": {
"readonly": true,
"required": true,
"title": "Size of support bundle in bytes",
"type": "integer"
},
"node_display_name": {
"readonly": true,
"required": true,
"title": "Display name of node",
"type": "string"
},
"node_id": {
"readonly": true,
"required": true,
"title": "UUID of node",
"type": "string"
},
"sha256_thumbprint": {
"readonly": true,
"required": true,
"title": "File's SHA256 thumbprint",
"type": "string"
}
},
"type": "object"
}
SummaryRequest (type)
{
"additionalProperties": false,
"id": "SummaryRequest",
"module_id": "Upgrade",
"properties": {
"summary": {
"default": false,
"readonly": false,
"required": false,
"title": "Flag indicating whether to return the summary",
"type": "boolean"
}
},
"type": "object"
}
SupportBundleContainerNode (type)
{
"abstract": true,
"additionalProperties": {},
"id": "SupportBundleContainerNode",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "container_type"
},
"properties": {
"container_type": {
"enum": [
"ANTREA"
],
"required": true,
"title": "Support bundle container type",
"type": "string"
}
},
"type": "object"
}
SupportBundleFileTransferAuthenticationScheme (type)
{
"additionalProperties": false,
"id": "SupportBundleFileTransferAuthenticationScheme",
"properties": {
"password": {
"required": true,
"sensitive": true,
"title": "Password to authenticate with",
"type": "string"
},
"scheme_name": {
"enum": [
"PASSWORD"
],
"required": true,
"title": "Authentication scheme name",
"type": "string"
},
"username": {
"required": true,
"title": "User name to authenticate with",
"type": "string"
}
},
"type": "object"
}
SupportBundleFileTransferProtocol (type)
{
"additionalProperties": false,
"id": "SupportBundleFileTransferProtocol",
"properties": {
"authentication_scheme": {
"$ref": "SupportBundleFileTransferAuthenticationScheme,
"required": true,
"title": "Scheme to authenticate if required"
},
"name": {
"enum": [
"SCP",
"SFTP"
],
"required": true,
"title": "Protocol name",
"type": "string"
},
"ssh_fingerprint": {
"required": true,
"title": "SSH fingerprint of server",
"type": "string"
}
},
"type": "object"
}
SupportBundleQueryParameter (type)
{
"additionalProperties": false,
"id": "SupportBundleQueryParameter",
"properties": {
"override_async_response": {
"default": false,
"description": "Override an existing support bundle async response if it exists. If not set to true and an existing async response is available, the support bundle request results in 409 CONFLICT.",
"title": "Override any existing support bundle async response",
"type": "boolean"
},
"require_delete_or_override_async_response": {
"default": false,
"description": "If the remote_file_server option has not been specified, save generated support bundle until a subsequent request either deletes or overrides the support bundle generated by the current request using the action=delete_async_response or override_async_response=true query parameters. Setting this property to true allows the NSX API client to re-download a support bundle if for example a previous download attempt fails.",
"title": "Suppress auto-deletion of generated support bundle",
"type": "boolean"
}
},
"type": "object"
}
SupportBundleQueryParameters (type)
{
"additionalProperties": false,
"id": "SupportBundleQueryParameters",
"properties": {
"all": {
"default": false,
"description": "Include all files including files that may have sensitive information like core files.",
"title": "Include all files",
"type": "boolean"
}
},
"type": "object"
}
SupportBundleRemoteFileServer (type)
{
"additionalProperties": false,
"id": "SupportBundleRemoteFileServer",
"properties": {
"directory_path": {
"required": true,
"title": "Remote server directory to copy bundle files to",
"type": "string"
},
"manager_upload_only": {
"default": false,
"title": "Uploads to the remote file server performed by the manager",
"type": "boolean"
},
"port": {
"default": 22,
"maximum": 65535,
"minimum": 1,
"title": "Server port",
"type": "integer"
},
"protocol": {
"$ref": "SupportBundleFileTransferProtocol,
"required": true,
"title": "Protocol to use to copy file"
},
"server": {
"required": true,
"title": "Remote server hostname or IP address",
"type": "string"
}
},
"title": "Remote file server",
"type": "object"
}
SupportBundleRequest (type)
{
"additionalProperties": false,
"id": "SupportBundleRequest",
"properties": {
"container_nodes": {
"items": {
"$ref": "SupportBundleContainerNode
},
"minItems": 1,
"required": false,
"title": "List of container clusters and their nodes requiring support bundle collection",
"type": "array"
},
"content_filters": {
"default": [
"DEFAULT"
],
"items": {
"$ref": "ContentFilterValue
},
"minItems": 1,
"title": "Bundle should include content of specified type",
"type": "array"
},
"dynamic_content_filters": {
"default": [
"ALL"
],
"description": "List of dynamic content filters that specify additional content to include in the support bundle. The list of available filters available depends on your NSX-T deployment and can be determined by invoking the GET /api/v1/adminstration/support-bundles/dynamic-content-filters NSX API. For example, if NSX Intelligence is deployed, filters for collecting specific information about services are available.",
"items": {
"$ref": "DynamicContentFilterValue
},
"required": false,
"title": "List of content filters that decide the additional content that go into the support bundle",
"type": "array"
},
"log_age_limit": {
"minimum": 1,
"title": "Include log files with modified times not past the age limit in days",
"type": "integer"
},
"nodes": {
"items": {
"type": "string"
},
"minItems": 1,
"required": false,
"title": "List of cluster/fabric node UUIDs processed in specified order",
"type": "array"
},
"remote_file_server": {
"$ref": "SupportBundleRemoteFileServer,
"title": "Remote file server to copy bundles to, bundle in response body if not specified"
}
},
"type": "object"
}
SupportBundleResult (type)
{
"additionalProperties": false,
"id": "SupportBundleResult",
"properties": {
"failed_nodes": {
"items": {
"$ref": "FailedNodeSupportBundleResult
},
"readonly": true,
"required": true,
"title": "Nodes where bundles were not generated or not copied to remote server",
"type": "array"
},
"remaining_nodes": {
"items": {
"$ref": "RemainingSupportBundleNode
},
"title": "Nodes where bundle generation is pending or in progress",
"type": "array"
},
"request_properties": {
"$ref": "SupportBundleRequest,
"readonly": true,
"required": true,
"title": "Request properties"
},
"success_nodes": {
"items": {
"$ref": "SuccessNodeSupportBundleResult
},
"readonly": true,
"required": true,
"title": "Nodes whose bundles were successfully copied to remote file server",
"type": "array"
}
},
"type": "object"
}
SvmConnectivityStatus (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DiscoveredResource
},
"id": "SvmConnectivityStatus",
"module_id": "VmToolsInfo",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"connectivity_status": {
"description": "Connectivity status with the deployed Solution VM TRUE - VM is configured and protected by EPP/AMS Service VM. FALSE - VM is either not configured for protection or VM is disconnected from EPP/AMS Service VM.",
"readonly": true,
"required": false,
"title": "Connectivity status with SVM",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"service_name": {
"description": "Service name as provided for Anti Malware Solution or as provided for third party Endpoint Protection solution during service registration.",
"readonly": true,
"required": false,
"title": "Service name of Solution",
"type": "string"
},
"solution_id": {
"description": "Solution ID as provided for Anti Malware Solution(AMS) or as provided for third party Endpoint Protection(EPP) solution during service registration.",
"readonly": true,
"required": false,
"title": "SVM solutionID",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
SwitchoverStatus (type)
{
"id": "SwitchoverStatus",
"module_id": "SiteManagerModule",
"properties": {
"current_step": {
"$ref": "ProgressItem,
"title": "Progress of each items"
},
"current_step_number": {
"required": true,
"title": "Current number",
"type": "integer"
},
"note": {
"required": true,
"title": "Special messages, most of the time this will be empty, i.e. If SM performing the operation went down, another SM will restart the progress.",
"type": "string"
},
"number_of_steps": {
"required": true,
"title": "Total number of steps",
"type": "integer"
},
"overall_status": {
"enum": [
"NOT_STARTED",
"RUNNING",
"ERROR",
"COMPLETE"
],
"required": true,
"title": "Status of the operation",
"type": "string"
}
},
"type": "object"
}
SyslogFacility (type)
{
"enum": [
"KERN",
"USER",
"MAIL",
"DAEMON",
"AUTH",
"SYSLOG",
"LPR",
"NEWS",
"UUCP",
"AUTHPRIV",
"FTP",
"LOGALERT",
"CRON",
"LOCAL0",
"LOCAL1",
"LOCAL2",
"LOCAL3",
"LOCAL4",
"LOCAL5",
"LOCAL6",
"LOCAL7"
],
"id": "SyslogFacility",
"title": "Syslog facility",
"type": "string"
}
SystemHostname (type)
{
"id": "SystemHostname",
"maxLength": 255,
"pattern": "^(?=.{1,255}$)[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?(?:\\.[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?)*\\.?$",
"title": "System host name",
"type": "string"
}
Tag (type)
{
"id": "Tag",
"module_id": "Common",
"properties": {
"scope": {
"default": "",
"description": "Tag searches may optionally be restricted by scope",
"display": {
"order": 1
},
"maxLength": 128,
"readonly": false,
"title": "Tag scope",
"type": "string"
},
"tag": {
"default": "",
"description": "Identifier meaningful to user with maximum length of 256 characters",
"display": {
"order": 2
},
"readonly": false,
"title": "Tag value",
"type": "string"
}
},
"title": "Arbitrary key-value pairs that may be attached to an entity",
"type": "object"
}
TagBulkOperation (type)
{
"additionalProperties": false,
"description": "Tag and resource information on which tag to be applied or removed.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "TagBulkOperation",
"module_id": "PolicyTag",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"apply_to": {
"description": "List of resources on which tag needs to be applied.",
"items": {
"$ref": "ResourceInfo
},
"title": "List of resources on which tag needs to be applied",
"type": "array"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"remove_from": {
"description": "List of resources from which tag needs to be removed.",
"items": {
"$ref": "ResourceInfo
},
"title": "List of resources from which tag needs to be removed",
"type": "array"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tag": {
"$ref": "Tag,
"required": true,
"title": "Tag"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Payload to update the tag on specified objects",
"type": "object"
}
TaskProperties (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "TaskProperties",
"module_id": "Common",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"async_response_available": {
"display": {
"order": 13
},
"readonly": true,
"title": "True if response for asynchronous request is available",
"type": "boolean"
},
"cancelable": {
"display": {
"order": 8
},
"readonly": true,
"title": "True if this task can be canceled",
"type": "boolean"
},
"description": {
"display": {
"order": 2
},
"readonly": true,
"title": "Description of the task",
"type": "string"
},
"end_time": {
"$ref": "EpochMsTimestamp,
"display": {
"order": 6
},
"readonly": true,
"title": "The end time of the task in epoch milliseconds"
},
"id": {
"display": {
"order": 1
},
"readonly": true,
"title": "Identifier for this task",
"type": "string"
},
"message": {
"display": {
"order": 4
},
"readonly": true,
"title": "A message describing the disposition of the task",
"type": "string"
},
"progress": {
"display": {
"order": 7
},
"maximum": 100,
"minimum": 0,
"readonly": true,
"title": "Task progress if known, from 0 to 100",
"type": "integer"
},
"request_method": {
"display": {
"order": 12
},
"readonly": true,
"title": "HTTP request method",
"type": "string"
},
"request_uri": {
"display": {
"order": 11
},
"readonly": true,
"title": "URI of the method invocation that spawned this task",
"type": "string"
},
"start_time": {
"$ref": "EpochMsTimestamp,
"display": {
"order": 5
},
"readonly": true,
"title": "The start time of the task in epoch milliseconds"
},
"status": {
"$ref": "TaskStatus,
"display": {
"order": 3
},
"readonly": true,
"title": "Current status of the task"
},
"user": {
"display": {
"order": 10
},
"readonly": true,
"title": "Name of the user who created this task",
"type": "string"
}
},
"title": "Task properties",
"type": "object"
}
TaskStatus (type)
{
"enum": [
"running",
"error",
"success",
"canceling",
"canceled",
"killed"
],
"id": "TaskStatus",
"module_id": "Common",
"title": "Current status of the task",
"type": "string"
}
TcpHeader (type)
{
"additionalProperties": false,
"id": "TcpHeader",
"module_id": "Traceflow",
"properties": {
"dst_port": {
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Destination port of tcp header",
"type": "integer"
},
"src_port": {
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Source port of tcp header",
"type": "integer"
},
"tcp_flags": {
"maximum": 511,
"minimum": 0,
"required": false,
"title": "TCP flags (9bits)",
"type": "integer"
}
},
"type": "object"
}
TcpMaximumSegmentSizeClamping (type)
{
"additionalProperties": false,
"description": "TCP MSS Clamping Direction and Value.",
"id": "TcpMaximumSegmentSizeClamping",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"direction": {
"default": "NONE",
"description": "Specifies the traffic direction for which to apply MSS Clamping.",
"enum": [
"NONE",
"INBOUND_CONNECTION",
"OUTBOUND_CONNECTION",
"BOTH"
],
"required": false,
"title": "Maximum Segment Size Clamping Direction",
"type": "string"
},
"max_segment_size": {
"description": "MSS defines the maximum amount of data that a host is willing to accept in a single TCP segment. This field is set in TCP header during connection establishment. To avoid packet fragmentation, you can set this field depending on uplink MTU and VPN overhead. This is an optional field and in case it is left unconfigured, best possible MSS value will be calculated based on effective mtu of uplink interface. Supported MSS range is 216 to 8960.",
"maximum": 8902,
"minimum": 108,
"required": false,
"title": "Maximum Segment Size Value",
"type": "integer"
}
},
"title": "TCP MSS Clamping",
"type": "object"
}
Tier0 (type)
{
"additionalProperties": false,
"description": "Tier-0 configuration for external connectivity.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Tier0",
"module_id": "PolicyConnectivity",
"policy_hierarchical_children": [
"ChildCommunityList",
"ChildLocaleServices",
"ChildPolicyDnsForwarder",
"ChildPrefixList",
"ChildStaticRoutes",
"ChildTier0RouteMap"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"advanced_config": {
"$ref": "Tier0AdvancedConfig,
"description": "NSX specific configuration for tier-0",
"required": false,
"title": "Advanced configuration for tier-0"
},
"arp_limit": {
"description": "Maximum number of ARP entries per transport node.",
"maximum": 50000,
"minimum": 5000,
"required": false,
"title": "ARP limit per transport node",
"type": "int"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"default_rule_logging": {
"default": false,
"deprecated": true,
"description": "Indicates if logging should be enabled for the default whitelisting rule. This field is deprecated and recommended to change Rule logging field. Note that this field is not synchronized with default logging field.",
"required": false,
"title": "Enable logging for whitelisted rule",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"dhcp_config_paths": {
"description": "DHCP configuration for Segments connected to Tier-0. DHCP service is configured in relay mode.",
"items": {
"type": "string"
},
"maxItems": 1,
"minItems": 0,
"required": false,
"title": "DHCP configuration for Segments connected to Tier-0",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier0"
],
"relationshipType": "DHCP_SERVER_CONFIG_RELATIONSHIP",
"rightType": [
"DhcpServerConfig"
]
},
{
"leftType": [
"Tier0"
],
"relationshipType": "DHCP_RELAY_CONFIG_RELATIONSHIP",
"rightType": [
"DhcpRelayConfig"
]
}
]
},
"disable_firewall": {
"default": false,
"description": "Disable or enable gateway fiewall.",
"required": false,
"title": "Disable gateway firewall",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"failover_mode": {
"default": "NON_PREEMPTIVE",
"description": "Determines the behavior when a Tier-0 instance in ACTIVE-STANDBY high-availability mode restarts after a failure. If set to PREEMPTIVE, the preferred node will take over, even if it causes another failure. If set to NON_PREEMPTIVE, then the instance that restarted will remain secondary. This property is not used when the ha_mode property is set to ACTIVE_ACTIVE. Only applicable when edge cluster is configured in Tier0 locale-service.",
"enum": [
"PREEMPTIVE",
"NON_PREEMPTIVE"
],
"required": false,
"title": "Failover mode",
"type": "string"
},
"federation_config": {
"$ref": "FederationGatewayConfig,
"description": "Additional config for federation.",
"readonly": true,
"title": "Federation releated config"
},
"force_whitelisting": {
"default": false,
"deprecated": true,
"description": "This field is deprecated and recommended to change Rule action field. Note that this field is not synchronized with default rule field.",
"required": false,
"title": "Flag to add whitelisting FW rule during realization",
"type": "boolean"
},
"ha_mode": {
"default": "ACTIVE_ACTIVE",
"description": "Specify high-availability mode for Tier-0. Default is ACTIVE_ACTIVE. When ha_mode is changed from ACTIVE_ACTIVE to ACTIVE_STANDBY, inter SR iBGP (in BGP) is disabled. Changing ha_mode from ACTIVE_STANDBY to ACTIVE_ACTIVE will enable inter SR iBGP (in BGP) and previously configured preferred edge nodes (in Tier0 locale-service) are removed.",
"enum": [
"ACTIVE_ACTIVE",
"ACTIVE_STANDBY"
],
"required": false,
"title": "High-availability Mode for Tier-0",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"internal_transit_subnets": {
"description": "Specify subnets that are used to assign addresses to logical links connecting service routers and distributed routers. Only IPv4 addresses are supported. When not specified, subnet 169.254.0.0/24 is assigned by default in ACTIVE_ACTIVE HA mode or 169.254.0.0/28 in ACTIVE_STANDBY mode.",
"items": {
"format": "ip-cidr-block",
"type": "string"
},
"maxItems": 1,
"required": false,
"title": "Internal transit subnets in CIDR format",
"type": "array"
},
"intersite_config": {
"$ref": "IntersiteGatewayConfig,
"description": "Inter site routing configuration when the gateway is streched.",
"required": false,
"title": "Inter site routing configuration"
},
"ipv6_profile_paths": {
"description": "IPv6 NDRA and DAD profiles configuration on Tier0. Either or both NDRA and/or DAD profiles can be configured.",
"items": {
"type": "string"
},
"maxItems": 2,
"minItems": 0,
"required": false,
"title": "IPv6 NDRA and DAD profiles configuration",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier0"
],
"relationshipType": "IPV6_NDRA_PROFILE_RELATIONSHIP",
"rightType": [
"Ipv6NdraProfile"
]
},
{
"leftType": [
"Tier0"
],
"relationshipType": "IPV6_DAD_PROFILE_RELATIONSHIP",
"rightType": [
"Ipv6DadProfile"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"rd_admin_field": {
"$ref": "IPAddress,
"description": "If you are using EVPN service, then route distinguisher administrator address should be defined if you need auto generation of route distinguisher on your VRF configuration.",
"required": false,
"title": "Route distinguisher administrator address"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"transit_subnets": {
"description": "Specify transit subnets that are used to assign addresses to logical links connecting tier-0 and tier-1s. Both IPv4 and IPv6 addresses are supported. When not specified, subnet 100.64.0.0/16 is configured by default. The value in VRF tier-0 is always inherited from the parent.",
"items": {
"format": "ip-cidr-block",
"type": "string"
},
"required": false,
"title": "Transit subnets in CIDR format",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"vrf_config": {
"$ref": "Tier0VrfConfig,
"description": "VRF config, required for VRF Tier0.",
"required": false,
"title": "VRF config"
}
},
"title": "Tier-0 configuration",
"type": "object"
}
Tier0AdvancedConfig (type)
{
"additionalProperties": false,
"description": "NSX specific configuration for tier-0",
"extends": {
"$ref": "ConnectivityAdvancedConfig
},
"id": "Tier0AdvancedConfig",
"module_id": "PolicyConnectivity",
"properties": {
"connectivity": {
"default": "ON",
"description": "Connectivity configuration to manually connect (ON) or disconnect (OFF) Tier-0/Tier1 segment from corresponding gateway. This property does not apply to VLAN backed segments. VLAN backed segments with connectivity OFF does not affect its layer-2 connectivity.",
"enum": [
"ON",
"OFF"
],
"required": false,
"title": "Connectivity configuration",
"type": "string"
},
"forwarding_up_timer": {
"default": 0,
"description": "Extra time in seconds the router must wait before sending the UP notification after the peer routing session is established. Default means forward immediately. VRF logical router will set it same as parent logical router.",
"maximum": 300,
"minimum": 0,
"required": false,
"title": "Forwarding up timer",
"type": "integer"
}
},
"title": "Advanced configuration for tier-0",
"type": "object"
}
Tier0DeploymentMap (type)
{
"additionalProperties": false,
"description": "Binding of Tier-0 to the enforcement point.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Tier0DeploymentMap",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enforcement_point": {
"description": "Path of enforcement point on which Tier-0 shall be deployed.",
"required": true,
"title": "Absolute Path of Enforcement Point",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Tier-0 Deployment Map",
"type": "object"
}
Tier0DeploymentMapListRequestParameters (type)
{
"additionalProperties": false,
"description": "Tier Deployment Map list request parameters.",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "Tier0DeploymentMapListRequestParameters",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Tier0 Deployment Map List Request Parameters",
"type": "object"
}
Tier0DeploymentMapListResult (type)
{
"additionalProperties": false,
"description": "Paged collection of Tier-0 Deployment Map.",
"extends": {
"$ref": "ListResult
},
"id": "Tier0DeploymentMapListResult",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "Tier-0 Deployment Maps.",
"items": {
"$ref": "Tier0DeploymentMap
},
"required": true,
"title": "Tier-0 Deployment Maps",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of Tier-0 Deployment Map",
"type": "object"
}
Tier0GatewayState (type)
{
"additionalProperties": false,
"id": "Tier0GatewayState",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"auto_rds": {
"$ref": "AutoRds,
"description": "Object that holds auto assigned route distingushers for this gateway.",
"title": "Auto assigned Route Distingushers"
},
"enforcement_point_path": {
"description": "String Path of the enforcement point. When not specified, routes from all enforcement-points are returned.",
"title": "Enforcement point path",
"type": "string"
},
"ipv6_status": {
"description": "IPv6 DAD status for interfaces configured on Tier0",
"items": {
"$ref": "IPv6Status
},
"title": "IPv6 DAD status for Tier0 interfaces",
"type": "array"
},
"tier0_state": {
"$ref": "LogicalRouterState,
"description": "Detailed realized state information for Tier0",
"title": "Tier0 state"
},
"tier0_status": {
"$ref": "LogicalRouterStatus,
"description": "Detailed realized status information for Tier0",
"title": "Tier0 status"
},
"transport_zone": {
"$ref": "PolicyTransportZone,
"description": "Transport Zone information which got configured on Gateway.",
"title": "Transport Zone Information"
}
},
"title": "Tier0 gateway state",
"type": "object"
}
Tier0HaVipConfig (type)
{
"additionalProperties": false,
"id": "Tier0HaVipConfig",
"module_id": "PolicyConnectivity",
"properties": {
"enabled": {
"default": true,
"required": false,
"title": "Flag to enable this HA VIP config.",
"type": "boolean"
},
"external_interface_paths": {
"description": "Policy paths to Tier0 external interfaces which are to be paired to provide redundancy. Floating IP will be owned by one of these interfaces depending upon which edge node is Active.",
"items": {
"type": "string"
},
"minItems": 2,
"required": true,
"title": "Policy paths to Tier0 external interfaces for providing redundancy",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"LocaleServices"
],
"relationshipType": "PROVIDER_HA_VIP_INTERFACE_RELATIONSHIP",
"rightType": [
"Tier0Interface"
]
}
]
},
"vip_subnets": {
"description": "Array of IP address subnets which will be used as floating IP addresses.",
"items": {
"$ref": "InterfaceSubnet
},
"maxItems": 2,
"minItems": 1,
"required": true,
"title": "VIP floating IP address subnets",
"type": "array"
}
},
"title": "Tier0 HA VIP Config",
"type": "object"
}
Tier0Interface (type)
{
"additionalProperties": false,
"description": "Tier-0 interface configuration for external connectivity.",
"extends": {
"$ref": "BaseTier0Interface
},
"id": "Tier0Interface",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"access_vlan_id": {
"$ref": "VlanID,
"description": "Vlan id.",
"required": false,
"title": "Vlan id"
},
"admin_state": {
"description": "This flag is used to enable/disable admin state on tier-0 service port. If admin_state flag value is not specified then default is UP. When set to UP then traffic on service port will be enabled and service port is enabled from routing perspective. When set to DOWN then traffic on service port will be disabled and service port is down from routing perspective. This flag is experimental because it will be used in V2T BYOT migration. This flag should not be set to UP or DOWN if EVPN is configured, and tier-0 LR is in A/S mode. Also this flag can not be set to UP or DOWN for service interfaces which are configured on vrf-lite.",
"enum": [
"UP",
"DOWN"
],
"experimental": true,
"required": false,
"title": "Flag to enable/disable admin_state of tier-0 service port",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"dhcp_relay_path": {
"description": "Policy path of dhcp-relay-config to be attached to this Interface.",
"required": false,
"title": "policy path of referenced dhcp-relay-config",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier0Interface",
"Tier1Interface"
],
"relationshipType": "DHCP_RELAY_CONFIG_RELATIONSHIP",
"rightType": [
"DhcpRelayConfig"
]
}
]
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"edge_cluster_member_index": {
"deprecated": true,
"description": "Specify association of interface with edge cluster member. This property is deprecated, use edge_path instead. When both properties are specifed, only edge_path property is used.",
"minimum": 0,
"required": false,
"title": "Association of interface with edge cluster member",
"type": "int"
},
"edge_path": {
"description": "Policy path to edge node to handle external connectivity. Required when interface type is EXTERNAL. Edge path is required for service interface when tier0 is in ACTIVE_ACTIVE ha_mode. Edge path is required for VRF service interface when parent tier0 is in ACTIVE_ACTIVE ha_mode.",
"required": false,
"title": "Policy path to edge node",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"igmp_local_join_groups": {
"description": "IGMP local join groups configuration.",
"items": {
"$ref": "IPv4Address
},
"required": false,
"title": "IGMP local join groups configuration",
"type": "array"
},
"ipv6_profile_paths": {
"description": "Configuration IPv6 NDRA profile. Only one NDRA profile can be configured.",
"items": {
"type": "string"
},
"maxItems": 1,
"minItems": 0,
"required": false,
"title": "IPv6 NDRA profile configuration",
"type": "array"
},
"ls_id": {
"deprecated": true,
"description": "Specify logical switch to which tier-0 interface is connected for external access. This property is deprecated, use segment_path instead. Both properties cannot be used together.",
"required": false,
"title": "Logical switch id to attach tier-0 interface",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"mtu": {
"description": "Maximum transmission unit (MTU) specifies the size of the largest packet that a network protocol can transmit.",
"minimum": 64,
"required": false,
"title": "MTU size",
"type": "int"
},
"multicast": {
"$ref": "Tier0InterfacePimConfig,
"description": "Multicast PIM configuration.",
"required": false,
"title": "Multicast PIM configuration"
},
"ospf": {
"$ref": "PolicyInterfaceOspfConfig,
"description": "OSPF configuration.",
"required": false,
"title": "OSPF configuration"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"proxy_arp_filters": {
"description": "Array of prefix lists used to specify filtering for ARP proxy. Prefixes in this array are used to configure ARP proxy entries on Tier-0 gateway (for uplinks).",
"items": {
"type": "string"
},
"maxItems": 1,
"minItems": 0,
"required": false,
"title": "List of proxy Address Resolution Protocol Filters",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier0Interface"
],
"relationshipType": "PROVIDER_INTERFACE_PREFIX_LIST_RELATIONSHIP",
"rightType": [
"PrefixList"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"segment_path": {
"description": "Specify Segment to which this interface is connected to. Either segment_path or ls_id property is required.",
"required": false,
"title": "Segment to attach tier-0 interface",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier0Interface"
],
"relationshipType": "INTERFACE_SEGMENT_RELATIONSHIP",
"rightType": [
"Segment"
]
}
]
},
"subnets": {
"description": "Specify IP address and network prefix for interface.",
"items": {
"$ref": "InterfaceSubnet
},
"minItems": 1,
"required": true,
"title": "IP address and subnet specification for interface",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"type": {
"default": "EXTERNAL",
"description": "Interface type",
"enum": [
"EXTERNAL",
"SERVICE",
"LOOPBACK"
],
"required": false,
"title": "Interface type",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"urpf_mode": {
"default": "STRICT",
"enum": [
"NONE",
"STRICT"
],
"required": false,
"title": "Unicast Reverse Path Forwarding mode",
"type": "string"
}
},
"title": "Tier-0 interface configuration",
"type": "object"
}
Tier0InterfaceListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "Tier0InterfaceListRequestParameters",
"module_id": "PolicyConnectivity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Tier-0 Interface list request parameters",
"type": "object"
}
Tier0InterfaceListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "Tier0InterfaceListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Tier0Interface
},
"required": true,
"title": "Tier-0 Interface list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Tier-0 Interfaces",
"type": "object"
}
Tier0InterfacePimConfig (type)
{
"additionalProperties": false,
"description": "Multicast PIM configuration.",
"id": "Tier0InterfacePimConfig",
"module_id": "PolicyConnectivity",
"properties": {
"enabled": {
"default": false,
"description": "enable/disable PIM configuration.",
"title": "enable/disable PIM configuration",
"type": "boolean"
},
"hello_interval": {
"default": 30,
"description": "PIM hello interval(seconds) at interface level.",
"maximum": 180,
"minimum": 1,
"required": false,
"title": "PIM hello interval at interface level",
"type": "int"
},
"hold_interval": {
"description": "PIM hold interval(seconds) at interface level.",
"maximum": 630,
"minimum": 1,
"required": false,
"title": "PIM hold interval at interface level",
"type": "int"
}
},
"title": "Multicast PIM configuration",
"type": "object"
}
Tier0ListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "Tier0ListRequestParameters",
"module_id": "PolicyConnectivity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Tier-0 list request parameters",
"type": "object"
}
Tier0ListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "Tier0ListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Tier0
},
"required": true,
"title": "Tier-0 list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Tier-0s",
"type": "object"
}
Tier0RouteMap (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Tier0RouteMap",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"entries": {
"description": "Ordered list of route map entries.",
"items": {
"$ref": "RouteMapEntry
},
"maxItems": 1000,
"minItems": 1,
"required": true,
"title": "Ordered list of route map entries",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "RouteMap for redistributing routes to BGP and other routing protocols",
"type": "object"
}
Tier0RouteMapListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "Tier0RouteMapListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Tier0RouteMap
},
"required": true,
"title": "Tier0RouteMap results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of RouteMaps",
"type": "object"
}
Tier0RouteRedistributionConfig (type)
{
"additionalProperties": false,
"id": "Tier0RouteRedistributionConfig",
"module_id": "PolicyConnectivity",
"properties": {
"bgp_enabled": {
"default": true,
"required": false,
"title": "Flag to enable route redistribution for BGP.",
"type": "boolean"
},
"ospf_enabled": {
"default": false,
"required": false,
"title": "Flag to enable route redistribution for OSPF.",
"type": "boolean"
},
"redistribution_rules": {
"default": [],
"description": "List of redistribution rules.",
"items": {
"$ref": "Tier0RouteRedistributionRule
},
"maxItems": 5,
"minItems": 0,
"required": false,
"type": "array"
}
},
"title": "Route Redistribution config",
"type": "object"
}
Tier0RouteRedistributionRule (type)
{
"additionalProperties": false,
"id": "Tier0RouteRedistributionRule",
"module_id": "PolicyConnectivity",
"properties": {
"destinations": {
"description": "Each rule can have more than one destinations. If destinations not specified for a given rule, default destionation will be BGP",
"items": {
"default": "BGP",
"enum": [
"BGP",
"OSPF"
],
"type": "string"
},
"required": false,
"title": "List of destination for a given redistribution rule",
"type": "array"
},
"name": {
"required": false,
"title": "Rule name",
"type": "string"
},
"route_map_path": {
"description": "Route map to be associated with the redistribution rule",
"required": false,
"type": "string"
},
"route_redistribution_types": {
"items": {
"$ref": "Tier0RouteRedistributionTypes
},
"required": true,
"title": "List of redistribution types",
"type": "array"
}
},
"title": "Single route redistribution rule",
"type": "object"
}
Tier0RouteRedistributionTypes (type)
{
"additionalProperties": false,
"description": "Tier-0 route redistribution types. TIER0_STATIC: Redistribute user added static routes. TIER0_CONNECTED: Redistribute all subnets configured on Interfaces and routes related to TIER0_SEGMENT, TIER0_DNS_FORWARDER_IP, TIER0_IPSEC_LOCAL_IP, TIER0_NAT types. TIER1_STATIC: Redistribute all subnets and static routes advertised by Tier-1s. TIER0_EXTERNAL_INTERFACE: Redistribute external interface subnets on Tier-0. TIER0_LOOPBACK_INTERFACE: Redistribute loopback interface subnets on Tier-0. TIER0_SEGMENT: Redistribute subnets configured on Segments connected to Tier-0. TIER0_ROUTER_LINK: Redistribute router link port subnets on Tier-0 TIER0_SERVICE_INTERFACE: Redistribute Tier0 service interface subnets. TIER0_DNS_FORWARDER_IP: Redistribute DNS forwarder subnets. TIER0_IPSEC_LOCAL_IP: Redistribute IPSec subnets. TIER0_NAT: Redistribute NAT IPs owned by Tier-0. TIER0_EVPN_TEP_IP: Redistribute EVPN local endpoint subnets on Tier-0. TIER1_NAT: Redistribute NAT IPs advertised by Tier-1 instances. TIER1_LB_VIP: Redistribute LB VIP IPs advertised by Tier-1 instances. TIER1_LB_SNAT: Redistribute LB SNAT IPs advertised by Tier-1 instances. TIER1_DNS_FORWARDER_IP: Redistribute DNS forwarder subnets on Tier-1 instances. TIER1_CONNECTED: Redistribute all subnets configured on Segments and Service Interfaces. TIER1_SERVICE_INTERFACE: Redistribute Tier1 service interface subnets. TIER1_SEGMENT: Redistribute subnets configured on Segments connected to Tier1. TIER1_IPSEC_LOCAL_ENDPOINT: Redistribute IPSec VPN local-endpoint subnets advertised by TIER1. Route redistribution destination is BGP.",
"enum": [
"TIER0_STATIC",
"TIER0_CONNECTED",
"TIER0_EXTERNAL_INTERFACE",
"TIER0_SEGMENT",
"TIER0_ROUTER_LINK",
"TIER0_SERVICE_INTERFACE",
"TIER0_LOOPBACK_INTERFACE",
"TIER0_DNS_FORWARDER_IP",
"TIER0_IPSEC_LOCAL_IP",
"TIER0_NAT",
"TIER0_EVPN_TEP_IP",
"TIER1_NAT",
"TIER1_STATIC",
"TIER1_LB_VIP",
"TIER1_LB_SNAT",
"TIER1_DNS_FORWARDER_IP",
"TIER1_CONNECTED",
"TIER1_SERVICE_INTERFACE",
"TIER1_SEGMENT",
"TIER1_IPSEC_LOCAL_ENDPOINT"
],
"id": "Tier0RouteRedistributionTypes",
"module_id": "PolicyConnectivity",
"title": "Tier-0 route redistribution types",
"type": "string"
}
Tier0SecurityFeature (type)
{
"additionalProperties": false,
"extends": {
"$ref": "SecurityFeatureBase
},
"id": "Tier0SecurityFeature",
"module_id": "PolicyGatewaySecurityFeature",
"properties": {
"enable": {
"default": false,
"description": "true - enable the feature, false - disable the feture",
"required": true,
"title": "Flag to enable/disable",
"type": "boolean"
},
"feature": {
"$ref": "Tier0SecurityFeaturesSupported,
"required": true
}
},
"title": "T0 Security feature entity with feature details",
"type": "object"
}
Tier0SecurityFeatures (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Tier0SecurityFeatures",
"module_id": "PolicyGatewaySecurityFeature",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"features": {
"items": {
"$ref": "Tier0SecurityFeature
},
"required": true,
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "T0 Security features entity with feature details",
"type": "object"
}
Tier0SecurityFeaturesSupported (type)
{
"description": "Feature to be enabled/disabled. IDFW - Identity Firewall Use any one of this to enable/disabe it.",
"enum": [
"IDFW"
],
"id": "Tier0SecurityFeaturesSupported",
"module_id": "PolicyGatewaySecurityFeature",
"readonly": true,
"required": false,
"title": "Collection of T0 supported security features",
"type": "string"
}
Tier0StateRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "Tier0StateRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "String Path of the enforcement point. When not specified, routes from all enforcement-points are returned.",
"title": "Enforcement point path",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"interface_path": {
"description": "String Path of interface on current Tier0 gateway for interface specified state such as IPv6 DAD state. When not specified, IPv6 NDRA state from from all interfaces is returned.",
"title": "Interface path for interface specific state such as IPv6 DAD state",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"type": {
"description": "Returns specific information based on the value specified. When not specified response include gateway state, status and DAD status from interfaces.",
"enum": [
"GATEWAY_STATE",
"GATEWAY_STATUS",
"IPV6_STATUS"
],
"title": "Returns specific information based on the value specified.",
"type": "string"
}
},
"title": "State request parameters for Tier0 gateway",
"type": "object"
}
Tier0VrfConfig (type)
{
"additionalProperties": false,
"description": "Tier-0 vrf configuration.",
"id": "Tier0VrfConfig",
"module_id": "PolicyConnectivity",
"properties": {
"evpn_l2_vni_config": {
"$ref": "VrfEvpnL2VniConfig,
"description": "It is required for VRF to participate in the EVPN service in ROUTE_SERVER mode.",
"required": false,
"title": "VRF configurations required for EVPN service in ROUTE_SERVER mode."
},
"evpn_transit_vni": {
"description": "L3 VNI associated with the VRF for overlay traffic of ethernet virtual private network (EVPN). It must be unique and available from the VNI pool defined for EVPN service. It is required for VRF to participate in the EVPN service in INLINE mode.",
"required": false,
"title": "L3 VNI associated with the VRF for overlay traffic",
"type": "int"
},
"route_distinguisher": {
"description": "Route distinguisher with format in IPAddress:<number> or ASN:<number>.",
"required": false,
"title": "Route distinguisher",
"type": "string"
},
"route_targets": {
"description": "Route targets.",
"items": {
"$ref": "VrfRouteTargets
},
"maxItems": 1,
"minItems": 1,
"required": false,
"title": "Route targets",
"type": "array"
},
"tier0_path": {
"description": "Default tier0 path. Cannot be modified after realization.",
"required": true,
"title": "Tier0 path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier0"
],
"relationshipType": "VRF_CONFIG_TIER0_PATH_RELATIONSHIP",
"rightType": []
}
]
}
},
"title": "Tier-0 vrf configuration",
"type": "object"
}
Tier1 (type)
{
"additionalProperties": false,
"description": "Tier-1 instance configuration.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Tier1",
"module_id": "PolicyConnectivity",
"policy_hierarchical_children": [
"ChildLocaleServices",
"ChildPolicyDnsForwarder",
"ChildSegment",
"ChildStaticRoutes"
],
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"arp_limit": {
"description": "Maximum number of ARP entries per transport node.",
"maximum": 50000,
"minimum": 5000,
"required": false,
"title": "ARP limit per transport node",
"type": "int"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"default_rule_logging": {
"default": false,
"deprecated": true,
"description": "Indicates if logging should be enabled for the default whitelisting rule. This field is deprecated and recommended to change Rule logging field. Note that this field is not synchronized with default logging field.",
"required": false,
"title": "Enable logging for whitelisted rule",
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"dhcp_config_paths": {
"description": "DHCP configuration for Segments connected to Tier-1. DHCP service is enabled in relay mode.",
"items": {
"type": "string"
},
"maxItems": 1,
"minItems": 0,
"required": false,
"title": "DHCP configuration for Segments connected to Tier-1",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier1"
],
"relationshipType": "DHCP_SERVER_CONFIG_RELATIONSHIP",
"rightType": [
"DhcpServerConfig"
]
},
{
"leftType": [
"Tier1"
],
"relationshipType": "DHCP_RELAY_CONFIG_RELATIONSHIP",
"rightType": [
"DhcpRelayConfig"
]
}
]
},
"disable_firewall": {
"default": false,
"description": "Disable or enable gateway fiewall.",
"required": false,
"title": "Disable gateway firewall",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enable_standby_relocation": {
"default": false,
"description": "Flag to enable standby service router relocation. Standby relocation is not enabled until edge cluster is configured for Tier1.",
"required": false,
"title": "Flag to enable standby service router relocation.",
"type": "boolean"
},
"failover_mode": {
"default": "NON_PREEMPTIVE",
"description": "Determines the behavior when a Tier-1 instance restarts after a failure. If set to PREEMPTIVE, the preferred node will take over, even if it causes another failure. If set to NON_PREEMPTIVE, then the instance that restarted will remain secondary. Only applicable when edge cluster is configured in Tier1 locale-service.",
"enum": [
"PREEMPTIVE",
"NON_PREEMPTIVE"
],
"required": false,
"title": "Failover mode",
"type": "string"
},
"federation_config": {
"$ref": "FederationGatewayConfig,
"description": "Additional config for federation.",
"readonly": true,
"title": "Federation releated config"
},
"force_whitelisting": {
"default": false,
"deprecated": true,
"description": "This field is deprecated and recommended to change Rule action field. Note that this field is not synchornied with default rule field.",
"required": false,
"title": "Flag to add whitelisting FW rule during realization",
"type": "boolean"
},
"ha_mode": {
"description": "Specify high-availability mode for Tier-1.",
"enum": [
"ACTIVE_STANDBY"
],
"required": false,
"title": "High-availability Mode for Tier-1",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"intersite_config": {
"$ref": "IntersiteGatewayConfig,
"description": "Inter site routing configuration when the gateway is streched.",
"required": false,
"title": "Inter site routing configuration"
},
"ipv6_profile_paths": {
"description": "Configuration IPv6 NDRA and DAD profiles. Either or both NDRA and/or DAD profiles can be configured.",
"items": {
"type": "string"
},
"maxItems": 2,
"minItems": 0,
"required": false,
"title": "IPv6 NDRA and DAD profiles configuration",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier1"
],
"relationshipType": "IPV6_NDRA_PROFILE_RELATIONSHIP",
"rightType": [
"Ipv6NdraProfile"
]
},
{
"leftType": [
"Tier1"
],
"relationshipType": "IPV6_DAD_PROFILE_RELATIONSHIP",
"rightType": [
"Ipv6DadProfile"
]
}
]
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pool_allocation": {
"default": "ROUTING",
"description": "Supports edge node allocation at different sizes for routing and load balancer service to meet performance and scalability requirements. ROUTING: Allocate edge node to provide routing services. LB_SMALL, LB_MEDIUM, LB_LARGE, LB_XLARGE: Specify size of load balancer service that will be configured on TIER1 gateway.",
"enum": [
"ROUTING",
"LB_SMALL",
"LB_MEDIUM",
"LB_LARGE",
"LB_XLARGE"
],
"required": false,
"title": "Edge node allocation size",
"type": "string"
},
"qos_profile": {
"$ref": "GatewayQosProfileConfig,
"description": "QoS Profile configuration for Tier1 router link connected to Tier0 gateway.",
"required": false,
"title": "Gateway QoS Profile configuration"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"route_advertisement_rules": {
"items": {
"$ref": "RouteAdvertisementRule
},
"required": false,
"title": "Route advertisement rules and filtering",
"type": "array"
},
"route_advertisement_types": {
"description": "Enable different types of route advertisements. When not specified, routes to IPSec VPN local-endpoint subnets (TIER1_IPSEC_LOCAL_ENDPOINT) are automatically advertised.",
"items": {
"$ref": "Tier1RouteAdvertisentTypes
},
"required": false,
"title": "Enable different types of route advertisements",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tier0_path": {
"description": "Specify Tier-1 connectivity to Tier-0 instance.",
"required": false,
"title": "Tier-1 connectivity to Tier-0",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier1"
],
"relationshipType": "PROVIDER_NETWORK_RELATIONSHIP",
"rightType": [
"Tier0"
]
}
]
},
"type": {
"description": "Tier1 connectivity type for reference. Property value is not validated with Tier1 configuration. ROUTED: Tier1 is connected to Tier0 gateway and routing is enabled. ISOLATED: Tier1 is not connected to any Tier0 gateway. NATTED: Tier1 is in ROUTED type with NAT configured locally.",
"enum": [
"ROUTED",
"ISOLATED",
"NATTED"
],
"required": false,
"title": "Tier1 type",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Tier-1",
"type": "object"
}
Tier1DeploymentMap (type)
{
"additionalProperties": false,
"description": "Binding of Tier-1 to the enforcement point.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "Tier1DeploymentMap",
"module_id": "PolicyEnforcementPointManagement",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enforcement_point": {
"description": "Path of enforcement point on which Tier-1 shall be deployed.",
"required": true,
"title": "Absolute path of Enforcement Point",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Tier-1 Deployment Map",
"type": "object"
}
Tier1GatewayState (type)
{
"additionalProperties": false,
"id": "Tier1GatewayState",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"enforcement_point_path": {
"description": "String Path of the enforcement point. When not specified, routes from all enforcement-points are returned.",
"title": "Enforcement point path",
"type": "string"
},
"ipv6_status": {
"description": "IPv6 DAD status for interfaces configured on Tier1",
"items": {
"$ref": "IPv6Status
},
"title": "IPv6 DAD status for Tier1 interfaces",
"type": "array"
},
"tier1_state": {
"$ref": "LogicalRouterState,
"description": "Detailed realized state information for Tier1",
"title": "Tier1 state"
},
"tier1_status": {
"$ref": "LogicalRouterStatus,
"description": "Detailed realized status information for Tier1",
"title": "Tier1 status"
},
"transport_zone": {
"$ref": "PolicyTransportZone,
"description": "Transport Zone information which got configured on Gateway.",
"title": "Transport Zone Information"
}
},
"title": "Tier1 gateway state",
"type": "object"
}
Tier1Interface (type)
{
"additionalProperties": false,
"description": "Tier-1 interface configuration for attaching services.",
"extends": {
"$ref": "BaseTier0Interface
},
"id": "Tier1Interface",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"admin_state": {
"description": "This flag is used to enable/disable admin state on tier-1 service port. If admin_state flag value is not specified then default is UP. When set to UP then traffic on service port will be enabled and service port is enabled from routing perspective. When set to DOWN then traffic on service port will be disabled and service port is down from routing perspective. This flag is experimental because it will be used in V2T BYOT migration.",
"enum": [
"UP",
"DOWN"
],
"experimental": true,
"required": false,
"title": "Flag to enable/disable admin_state of tier-1 service port",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"dhcp_relay_path": {
"description": "Policy path of dhcp-relay-config to be attached to this Interface.",
"required": false,
"title": "policy path of referenced dhcp-relay-config",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier0Interface",
"Tier1Interface"
],
"relationshipType": "DHCP_RELAY_CONFIG_RELATIONSHIP",
"rightType": [
"DhcpRelayConfig"
]
}
]
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ipv6_profile_paths": {
"description": "Configrue IPv6 NDRA profile. Only one NDRA profile can be configured.",
"items": {
"type": "string"
},
"maxItems": 1,
"minItems": 0,
"required": false,
"title": "IPv6 NDRA profile configuration",
"type": "array"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"mtu": {
"description": "Maximum transmission unit (MTU) specifies the size of the largest packet that a network protocol can transmit.",
"minimum": 64,
"required": false,
"title": "MTU size",
"type": "int"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"segment_path": {
"description": "Policy path of Segment to which interface is connected to.",
"required": true,
"title": "Policy path of Segment to attach interface",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"Tier1Interface"
],
"relationshipType": "INTERFACE_SEGMENT_RELATIONSHIP",
"rightType": [
"Segment"
]
}
]
},
"subnets": {
"description": "Specify IP address and network prefix for interface.",
"items": {
"$ref": "InterfaceSubnet
},
"minItems": 1,
"required": true,
"title": "IP address and subnet specification for interface",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"urpf_mode": {
"default": "STRICT",
"enum": [
"NONE",
"STRICT"
],
"required": false,
"title": "Unicast Reverse Path Forwarding mode",
"type": "string"
}
},
"title": "Tier-1 interface configuration",
"type": "object"
}
Tier1InterfaceListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "Tier1InterfaceListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Tier1Interface
},
"required": true,
"title": "Tier-1 Interface list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Tier-1 Interfaces",
"type": "object"
}
Tier1ListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "Tier1ListRequestParameters",
"module_id": "PolicyConnectivity",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Tier-1 list request parameters",
"type": "object"
}
Tier1ListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "Tier1ListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "Tier1
},
"required": true,
"title": "Tier-1 list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged collection of Tier-1 instances",
"type": "object"
}
Tier1RouteAdvertisentTypes (type)
{
"additionalProperties": false,
"description": "Control routes advertised by Tier-1 instance. TIER1_STATIC_ROUTES: Advertise all STATIC routes. TIER1_CONNECTED: Advertise all subnets configured on connected Interfaces and Segments. TIER1_NAT: Advertise all NAT IP addresses. TIER1_LB_VIP: Advertise all Load-balancer VIPs. TIER1_LB_SNAT: Advertise all Loadbalancer SNAT IP addresses. TIER1_DNS_FORWARDER_IP: Advertise DNS forwarder source and listener IPs TIER1_IPSEC_LOCAL_ENDPOINT: Redistribute IPSec VPN local-endpoint subnets.",
"enum": [
"TIER1_STATIC_ROUTES",
"TIER1_CONNECTED",
"TIER1_NAT",
"TIER1_LB_VIP",
"TIER1_LB_SNAT",
"TIER1_DNS_FORWARDER_IP",
"TIER1_IPSEC_LOCAL_ENDPOINT"
],
"id": "Tier1RouteAdvertisentTypes",
"module_id": "PolicyConnectivity",
"type": "string"
}
Tier1StateRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "Tier1StateRequestParameters",
"module_id": "PolicyConnectivityStatistics",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "String Path of the enforcement point. When not specified, routes from all enforcement-points are returned.",
"title": "Enforcement point path",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"interface_path": {
"description": "String Path of interface on current Tier1 gateway for interface specified state such as IPv6 DAD state. When not specified, IPv6 NDRA state from from all interfaces is returned.",
"title": "Interface path for interface specific state such as IPv6 DAD state",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"type": {
"description": "Returns specific information based on the value specified. When not specified response include gateway state, status and DAD status from interfaces.",
"enum": [
"GATEWAY_STATE",
"GATEWAY_STATUS",
"IPV6_STATUS"
],
"title": "Returns specific information based on the value specified.",
"type": "string"
}
},
"title": "State request parameters for Tier1 gateway",
"type": "object"
}
TimeRangeDropdownFilterWidgetConfiguration (type)
{
"additionalProperties": false,
"description": "Represents configuration for dropdown filter widget for Time Range.",
"extends": {
"$ref": "DropdownFilterWidgetConfiguration
},
"id": "TimeRangeDropdownFilterWidgetConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"type-identifier": "TimeRangeDropdownFilterWidgetConfiguration"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"alias": {
"description": "Alias to be used when emitting filter value.",
"title": "Alias to be used when emitting filter value",
"type": "string"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"default_value": {
"description": "Expression to specify default value of filter.",
"title": "Expression to specify default value",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"dropdown_filter_plot_config": {
"$ref": "DropdownFilterPlotConfiguration,
"description": "Dropdown filter plotting configuration. This plotting configuration will be applicable for the Dropdown filter only.",
"required": false,
"title": "Dropdown filter plotting configuration"
},
"dropdown_item": {
"$ref": "DropdownItem,
"description": "Defines the item of a dropdown.",
"required": false,
"title": "Definition for item of a dropdown"
},
"feature_set": {
"$ref": "FeatureSet,
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"legend": {
"$ref": "Legend,
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"placeholder_msg": {
"description": "Placeholder message to be displayed in dropdown filter.",
"title": "Placeholder message to be shown in filter",
"type": "string"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"static_filter_condition": {
"description": "If the condition is met then the static filter will be added. If no condition is provided, then the static filters will be applied unconditionally.",
"title": "Expression for evaluating condition",
"type": "string"
},
"static_filters": {
"description": "Additional static items to be added in dropdown filter. Example can be 'ALL'.",
"items": {
"$ref": "StaticFilter
},
"title": "Additional static items to be added in dropdown filter",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"time_range_filter_info": {
"$ref": "TimeRangeFilterInfo,
"description": "Defines the time range filter configuration.",
"required": false,
"title": "Definition for time range filter."
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
}
},
"title": "Time Range Dropdown Filter widget Configuration",
"type": "object"
}
TimeRangeFilterInfo (type)
{
"additionalProperties": false,
"id": "TimeRangeFilterInfo",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"from_param_name": {
"default": "fromDate",
"description": "from parameter name used for time range filter from date value.",
"maxLength": 1024,
"required": false,
"title": "from parameter name for time range filter.",
"type": "string"
},
"to_param_name": {
"default": "toDate",
"description": "to parameter name used for time range filter to date value.",
"maxLength": 1024,
"required": false,
"title": "to parameter name for time range filter",
"type": "string"
},
"value_type": {
"default": "EPOCH",
"description": "type of time range filter value can be epoch, ISO date Format.",
"enum": [
"EPOCH"
],
"required": false,
"title": "type of time range filter value",
"type": "string"
}
},
"title": "time range filter information",
"type": "object"
}
TlsCertificate (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "TlsCertificate",
"module_id": "PolicyCertificate",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"details": {
"description": "list of X509Certificates.",
"items": {
"$ref": "X509Certificate
},
"readonly": true,
"required": false,
"type": "array"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"has_private_key": {
"default": false,
"description": "whether we have the private key for this certificate.",
"readonly": true,
"required": true,
"type": "boolean"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pem_encoded": {
"description": "pem encoded certificate data.",
"readonly": false,
"required": true,
"type": "string"
},
"purpose": {
"description": "Purpose of this certificate. Can be empty or set to \"signing-ca\".",
"enum": [
"signing-ca"
],
"readonly": true,
"required": false,
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tls_certificate_type": {
"description": "Classification of the TlsCertificate helps differentiate how a TlsCertificate could be used for various components either as a client trust certificate; CERTIFICATE_CA, or as a server identity certificate; CERTIFICATE_SIGNED,or CERTIFICATE_SELF_SIGNED.",
"enum": [
"CERTIFICATE_CA",
"CERTIFICATE_SIGNED",
"CERTIFICATE_SELF_SIGNED"
],
"readonly": true,
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"type": "object"
}
TlsCertificateList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "TlsCertificateList",
"module_id": "PolicyCertificate",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "TlsCertificate list.",
"items": {
"$ref": "TlsCertificate
},
"readonly": true,
"required": true,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Certificate queries result",
"type": "object"
}
TlsCiphers (type)
{
"additionalProperties": false,
"enum": [
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
"TLS_RSA_WITH_AES_128_GCM_SHA256",
"TLS_RSA_WITH_AES_128_CBC_SHA256",
"TLS_RSA_WITH_AES_256_GCM_SHA384",
"TLS_RSA_WITH_AES_256_CBC_SHA256",
"TLS_RSA_WITH_AES_256_CBC_SHA",
"TLS_RSA_WITH_AES_128_CBC_SHA"
],
"id": "TlsCiphers",
"module_id": "PolicyTlsActionProfile",
"title": "TLS balanced cipher",
"type": "string"
}
TlsConfigProfileBindingMap (type)
{
"additionalProperties": false,
"description": "This entity will be used to establish association between TLS Config profile and Logical Routers.",
"extends": {
"$ref": "ProfileBindingMap
},
"id": "TlsConfigProfileBindingMap",
"module_id": "PolicyTlsConfigProfile",
"polymorphic-type-descriptor": {
"type-identifier": "TlsConfigProfileBindingMap"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profile_path": {
"description": "PolicyPath of associated Profile",
"required": true,
"title": "Profile Path",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"GroupDiscoveryProfileBindingMap"
],
"relationshipType": "GROUP_BINDINGMAP_IPDISCOVERY_PROFILE_RELATIONSHIP",
"rightType": [
"IPDiscoveryProfile"
]
},
{
"leftType": [
"PolicyFirewallFloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"FloodProtectionProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FloodProtectionProfile"
]
},
{
"leftType": [
"PolicyFirewallCPUMemThresholdsProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"FirewallCPUMemoryThresholdsProfile"
]
},
{
"leftType": [
"SessionTimerProfileBindingMap"
],
"relationshipType": "PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyFirewallSessionTimerProfile"
]
},
{
"leftType": [
"DnsSecurityProfileBindingMap"
],
"relationshipType": "DNS_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"DnsSecurityProfile"
]
},
{
"leftType": [
"GeneralSecurityProfileBindingMap"
],
"relationshipType": "GATEWAY_GENERAL_SECURITY_PROFILE_BINDING_MAP_PROFILE_RELATIONSHIP",
"rightType": [
"GeneralSecurityProfile"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Policy TLS Config Profile binding map",
"type": "object"
}
TlsConfigSettings (type)
{
"additionalProperties": false,
"description": "Pre-defined config settings. Settings could be one of Balanced, High Fidelity, High Security, Custom",
"enum": [
"BALANCED",
"HIGH_FIDELITY",
"HIGH_SECURITY",
"CUSTOM"
],
"help_summary": "- High Fidelity setting reduces the likelihood of TLS Proxy breaking an otherwise successful connection.\n Specifically, TLS Proxy preserves original client and server preferences (TLS version, ciphers, etc.) in the\n TLS handshake as much as possible.\n - Client side - support TLS versions and Ciphers\n - Server side - no restrictions\n- High Security setting enforces a stricter security posture such as enabling only the most secure\n TLS versions and ciphers.\n - Support TLS Versions and Ciphers\n- Balanced setting strikes a balance between security, performance and compatibility.\n - Support TLS Versions and Ciphers\n- Custom allows user to pick the settings to meet their requirements.\nThese pre-settings per release will be preserved for existing profiles even if changed in future releases.\n",
"id": "TlsConfigSettings",
"module_id": "PolicyTlsActionProfile",
"required": true,
"title": "TLS config settings",
"type": "string"
}
TlsCrl (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "TlsCrl",
"module_id": "PolicyCertificate",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"crl_type": {
"default": "X509",
"description": "The type of the CRL. It can be \"OneCRL\" or \"X509\" (default).",
"enum": [
"OneCRL",
"X509"
],
"required": false,
"title": "Type of CRL",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"details": {
"$ref": "X509Crl,
"description": "Details of the X509Crl object.",
"readonly": true,
"required": false,
"title": "Details of the X509Crl object"
},
"details_revoked_by_issuer_and_serial_number": {
"items": {
"$ref": "IssuerSerialNumber
},
"readonly": true,
"required": false,
"title": "Certificates revoked by issuer and serial number",
"type": "array"
},
"details_revoked_by_subject_and_public_key_hash": {
"items": {
"$ref": "SubjectPublicKeyHash
},
"readonly": true,
"required": false,
"title": "Certificates revoked by subject and public key hash",
"type": "array"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"one_crl": {
"readonly": false,
"required": false,
"title": "JSON-encoded OneCRL-like object",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pem_encoded": {
"description": "Pem encoded crl data.",
"required": false,
"title": "Pem encoded crl data",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"type": "object"
}
TlsCrlListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "TlsCrlListResult",
"module_id": "PolicyCertificate",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "TlsCrl
},
"required": true,
"title": "TlsCrl list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of TlsCrl",
"type": "object"
}
TlsCsr (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "TlsCsr",
"module_id": "PolicyCertificate",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"algorithm": {
"default": "RSA",
"description": "Cryptographic algorithm (asymmetric) used by the public key for data encryption.",
"enum": [
"RSA"
],
"readonly": false,
"required": false,
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_ca": {
"default": false,
"description": "Whether the CSR is for a CA certificate.",
"required": false,
"type": "boolean"
},
"key_size": {
"default": 4096,
"description": "Size measured in bits of the public key used in a cryptographic algorithm.",
"readonly": false,
"required": false,
"type": "integer"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pem_encoded": {
"description": "PEM encoded certificate data.",
"readonly": true,
"required": false,
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"subject": {
"$ref": "Principal,
"description": "The certificate owner's information. (CN, O, OU, C, ST, L)",
"readonly": false,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"type": "object"
}
TlsCsrListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "TlsCsrListResult",
"module_id": "PolicyCertificate",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "TlsCsr
},
"required": true,
"title": "TlsCsr list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of TlsCsr",
"type": "object"
}
TlsCsrWithDaysValid (type)
{
"additionalProperties": false,
"extends": {
"$ref": "TlsCsr
},
"id": "TlsCsrWithDaysValid",
"module_id": "PolicyCertificate",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"algorithm": {
"default": "RSA",
"description": "Cryptographic algorithm (asymmetric) used by the public key for data encryption.",
"enum": [
"RSA"
],
"readonly": false,
"required": false,
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"days_valid": {
"default": 825,
"maximum": 10000,
"minimum": 1,
"title": "Number of days the certificate will be valid, default 825 days",
"type": "integer"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_ca": {
"default": false,
"description": "Whether the CSR is for a CA certificate.",
"required": false,
"type": "boolean"
},
"key_size": {
"default": 4096,
"description": "Size measured in bits of the public key used in a cryptographic algorithm.",
"readonly": false,
"required": false,
"type": "integer"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pem_encoded": {
"description": "PEM encoded certificate data.",
"readonly": true,
"required": false,
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"subject": {
"$ref": "Principal,
"description": "The certificate owner's information. (CN, O, OU, C, ST, L)",
"readonly": false,
"required": true
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "CSR data with days valid",
"type": "object"
}
TlsInspectionExternalProfile (type)
{
"additionalProperties": false,
"description": "External inspection profile is used when the TLS connection is destined to a service not owned by the enterprise.",
"extends": {
"$ref": "TlsProfile
},
"id": "TlsInspectionExternalProfile",
"module_id": "PolicyTlsActionProfile",
"polymorphic-type-descriptor": {
"type-identifier": "TlsInspectionExternalProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"attention": {
"description": "Used to indicate an TLS version or Cipher version pre-defined settings mis-match.",
"readonly": true,
"required": false,
"title": "TLS Pre-defined settings mis-match",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"client_cipher_suite": {
"default": [
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
"TLS_RSA_WITH_AES_128_GCM_SHA256",
"TLS_RSA_WITH_AES_128_CBC_SHA256",
"TLS_RSA_WITH_AES_256_GCM_SHA384",
"TLS_RSA_WITH_AES_256_CBC_SHA256"
],
"description": "Client's list of cipher suites. Required if CryptoEnforcement is ENFORCE. e.g. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256.",
"items": {
"$ref": "TlsCiphers
},
"maxItems": 128,
"required": false,
"title": "List of cipher suites client supports",
"type": "array"
},
"client_max_tls_version": {
"$ref": "TlsProtocol,
"default": "TLS_V1_2",
"description": "Client's maximum TLS version to enforce. Required if CryptoEnforcement is ENFORCE. Supported TLS versions are TLS1.1 and TLS1.2.",
"required": false,
"title": "Maximum TLS version client supports"
},
"client_min_tls_version": {
"$ref": "TlsProtocol,
"default": "TLS_V1_1",
"description": "Client's minimum TLS version to enforce. Required if CryptoEnforcement is ENFORCE. Supported TLS versions are TLS1.1 and TLS1.2.",
"required": false,
"title": "Minimum TLS version client supports"
},
"crls": {
"default": [
"/infra/crls/default_public_crl"
],
"description": "Bypass profile - CRL is required if the \"invalid_certificate\" action is allow. External profile - CRL is always required. Internal profile - CRL is required if \"certificate_validation\" is turned on.",
"items": {
"type": "string"
},
"maxItems": 100,
"required": false,
"title": "Certificate Revocation List Ids",
"type": "array"
},
"crypto_enforcement": {
"$ref": "CryptoEnforcement,
"default": "ENFORCE",
"required": false
},
"decryption_fail_action": {
"$ref": "DecryptionFailAction,
"default": "BYPASS",
"required": false
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"idle_connection_timeout": {
"default": 5400,
"description": "Timeout the connection when kept idle. Default is 90 minutes.",
"maximum": 4320000,
"minimum": 1,
"required": false,
"title": "Idle connection timeout in seconds",
"type": "int"
},
"invalid_cert_action": {
"$ref": "InvalidCertificateAction,
"default": "ALLOW",
"required": false
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"ocsp_must_staple": {
"default": false,
"description": "true - enable the ocsp must staple, false - disable it.",
"required": false,
"title": "Flag to enable/disable ocsp must staple",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"proxy_trusted_ca_cert": {
"description": "Proxy trusted ca cert and key used to issue valid ca certificate. This is the subordinate CA cert (referred to as Proxy CA) by the Enterprise Issuing CA.",
"required": true,
"title": "Proxy trusted ca cert and key",
"type": "string"
},
"proxy_untrusted_ca_cert": {
"description": "Proxy untrusted ca cert and key used to issue invalid ca certificate",
"required": true,
"title": "Proxy untrusted ca cert and key",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "Resource type to use as profile type",
"enum": [
"TlsInspectionBypassProfile",
"TlsInspectionExternalProfile",
"TlsInspectionInternalProfile"
],
"help_summary": "Possible values are\n'TlsInspectionExternalProfile',\n'TlsInspectionInternalProfile'\n",
"required": true,
"title": "Resource type to use as profile type.",
"type": "string"
},
"server_cipher_suite": {
"default": [
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
"TLS_RSA_WITH_AES_128_GCM_SHA256",
"TLS_RSA_WITH_AES_128_CBC_SHA256",
"TLS_RSA_WITH_AES_256_GCM_SHA384",
"TLS_RSA_WITH_AES_256_CBC_SHA256"
],
"description": "Server's list of cipher suites. Required if CryptoEnforcement is ENFORCE. e.g. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256.",
"items": {
"$ref": "TlsCiphers
},
"maxItems": 128,
"required": false,
"title": "List of cipher suites server support",
"type": "array"
},
"server_max_tls_version": {
"$ref": "TlsProtocol,
"default": "TLS_V1_2",
"description": "Server's maximum TLS version to enforce. Required if CryptoEnforcement is ENFORCE. Supported versions are TLS1.1 and TLS1.2.",
"required": false,
"title": "Maximum TLS version server supports"
},
"server_min_tls_version": {
"$ref": "TlsProtocol,
"default": "TLS_V1_1",
"description": "Server's minimum TLS version to enforce. Required if CryptoEnforcement is ENFORCE. Supported versions are TLS1.1 and TLS1.2.",
"required": false,
"title": "Minimum TLS version server supports"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tls_config_setting": {
"$ref": "TlsConfigSettings,
"default": "BALANCED",
"required": false
},
"trusted_ca_bundles": {
"default": [
"/infra/cabundles/default_trusted_public_ca_bundle"
],
"description": "Bypass profile - CA bundle is required if the \"invalid_certificate\" action is allow. External profile - CA bundle is always required. Internal profile - CA bundle is required if \"certificate_validation\" is turned on.",
"items": {
"type": "string"
},
"maxItems": 100,
"required": false,
"title": "List of CA bundle Ids",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "TLS inspection external profile",
"type": "object"
}
TlsInspectionInternalProfile (type)
{
"additionalProperties": false,
"description": "Internal inspection Profile is used when the TLS connection is destined to a service not owned by the enterprise.",
"extends": {
"$ref": "TlsProfile
},
"id": "TlsInspectionInternalProfile",
"module_id": "PolicyTlsActionProfile",
"polymorphic-type-descriptor": {
"type-identifier": "TlsInspectionInternalProfile"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"attention": {
"description": "Used to indicate an TLS version or Cipher version pre-defined settings mis-match.",
"readonly": true,
"required": false,
"title": "TLS Pre-defined settings mis-match",
"type": "string"
},
"certificate_validation": {
"default": false,
"description": "true - enable the certificate validation; false - disable it.",
"required": false,
"title": "Flag to enable/disable certificate validation",
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"client_cipher_suite": {
"default": [
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
"TLS_RSA_WITH_AES_128_GCM_SHA256",
"TLS_RSA_WITH_AES_128_CBC_SHA256",
"TLS_RSA_WITH_AES_256_GCM_SHA384",
"TLS_RSA_WITH_AES_256_CBC_SHA256"
],
"description": "Client's list of cipher suites. Required if CryptoEnforcement is ENFORCE. e.g. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256.",
"items": {
"$ref": "TlsCiphers
},
"maxItems": 128,
"required": false,
"title": "List of cipher suites client supports",
"type": "array"
},
"client_max_tls_version": {
"$ref": "TlsProtocol,
"default": "TLS_V1_2",
"description": "Client's maximum TLS version to enforce. Required if CryptoEnforcement is ENFORCE. Supported versions are TLS1.1 and TLS1.2.",
"required": false,
"title": "Maximum TLS version client supports"
},
"client_min_tls_version": {
"$ref": "TlsProtocol,
"default": "TLS_V1_1",
"description": "Client's minimum TLS version to enforce. Required if CryptoEnforcement is ENFORCE. Supported versions are TLS1.1 and TLS1.2.",
"required": false,
"title": "Minimum TLS version client supports"
},
"crls": {
"default": [
"/infra/crls/default_public_crl"
],
"description": "Bypass profile - CRL is required if the \"invalid_certificate\" action is allow. External profile - CRL is always required. Internal profile - CRL is required if \"certificate_validation\" is turned on.",
"items": {
"type": "string"
},
"maxItems": 100,
"required": false,
"title": "Certificate Revocation List Ids",
"type": "array"
},
"crypto_enforcement": {
"$ref": "CryptoEnforcement,
"default": "ENFORCE",
"required": false
},
"decryption_fail_action": {
"$ref": "DecryptionFailAction,
"default": "BYPASS",
"required": false
},
"default_cert_key": {
"description": "Default server certificate presented to the user.",
"required": false,
"title": "One of the actual server certificate presented to the client",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"idle_connection_timeout": {
"default": 5400,
"description": "Timeout the connection when kept idle. Default is 90 minutes.",
"maximum": 4320000,
"minimum": 1,
"required": false,
"title": "Idle connection timeout in seconds",
"type": "int"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"ocsp_must_staple": {
"default": false,
"description": "true - enable the ocsp must staple, false - disable it.",
"required": false,
"title": "Flag to enable/disable ocsp must staple",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "Resource type to use as profile type",
"enum": [
"TlsInspectionBypassProfile",
"TlsInspectionExternalProfile",
"TlsInspectionInternalProfile"
],
"help_summary": "Possible values are\n'TlsInspectionExternalProfile',\n'TlsInspectionInternalProfile'\n",
"required": true,
"title": "Resource type to use as profile type.",
"type": "string"
},
"server_certs_key": {
"description": "Server certificate presented to the client.",
"items": {
"type": "string"
},
"maxItems": 100,
"required": true,
"title": "Actual server certificate key",
"type": "array"
},
"server_cipher_suite": {
"default": [
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
"TLS_RSA_WITH_AES_128_GCM_SHA256",
"TLS_RSA_WITH_AES_128_CBC_SHA256",
"TLS_RSA_WITH_AES_256_GCM_SHA384",
"TLS_RSA_WITH_AES_256_CBC_SHA256"
],
"description": "Server's list of cipher suites. Required if CryptoEnforcement is ENFORCE. e.g. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256.",
"items": {
"$ref": "TlsCiphers
},
"maxItems": 128,
"required": false,
"title": "List of cipher suites server support",
"type": "array"
},
"server_max_tls_version": {
"$ref": "TlsProtocol,
"default": "TLS_V1_2",
"description": "Server's maximum TLS version to enforce. Required if CryptoEnforcement is ENFORCE. Supported versions are TLS1.0, TLS1.1 and TLS1.2",
"required": false,
"title": "Maximum TLS version server supports"
},
"server_min_tls_version": {
"$ref": "TlsProtocol,
"default": "TLS_V1_1",
"description": "Server's minimum TLS version to enforce. Required if CryptoEnforcement is ENFORCE. supported versions are TLS1.1 and TLS1.2.",
"required": false,
"title": "Minimum TLS version server supports"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tls_config_setting": {
"$ref": "TlsConfigSettings,
"default": "BALANCED",
"required": false
},
"trusted_ca_bundles": {
"default": [
"/infra/cabundles/default_trusted_public_ca_bundle"
],
"description": "Bypass profile - CA bundle is required if the \"invalid_certificate\" action is allow. External profile - CA bundle is always required. Internal profile - CA bundle is required if \"certificate_validation\" is turned on.",
"items": {
"type": "string"
},
"maxItems": 100,
"required": false,
"title": "List of CA bundle Ids",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "TLS inspection internal profile",
"type": "object"
}
TlsListenerCertificate (type)
{
"additionalProperties": false,
"description": "Returns the certificate and thumbprint of a remote TLS listener, if the listener is running and accepting requests. If the certificate cannot be retrieved, the result property describes the problem.",
"id": "TlsListenerCertificate",
"module_id": "PolicySiteGM",
"properties": {
"certificate": {
"$ref": "X509Certificate,
"description": "The certificate of the TLS listener.",
"readonly": true,
"title": "The certificate of the TLS listener"
},
"result": {
"description": "Result of get certificate operation.",
"enum": [
"SUCCESS",
"CONNECTION_TIMEOUT",
"NO_ROUTE_TO_HOST",
"CONNECTION_REFUSED"
],
"title": "Result of get certificate operation",
"type": "string"
},
"thumbprint": {
"description": "The SHA-256 thumbprint of the TLS listener.",
"readonly": true,
"title": "The SHA-256 thumbprint of the TLS listener",
"type": "string"
}
},
"title": "Remote TLS Listener Certificate",
"type": "object"
}
TlsListenerEndpointAddressRequestParameters (type)
{
"additionalProperties": false,
"description": "The hostname or IP, and TCP port number of the listener to connect to.",
"id": "TlsListenerEndpointAddressRequestParameters",
"module_id": "PolicySiteGM",
"properties": {
"address": {
"description": "Host name or IP address of TLS listener.",
"format": "hostname-or-ip",
"required": true,
"title": "Host name or IP address of TLS listener",
"type": "string"
},
"port": {
"description": "TCP port number of the TLS listener",
"maximum": 65535,
"minimum": 0,
"required": true,
"title": "TCP port number of the TLS listener",
"type": "int"
}
},
"title": "TLS Listener Endpoint Address Request Parameters",
"type": "object"
}
TlsPolicy (type)
{
"extends": {
"$ref": "Policy
},
"id": "TlsPolicy",
"module_id": "PolicyTls",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"category": {
"description": "- Distributed Firewall - Policy framework provides five pre-defined categories for classifying a security policy. They are \"Ethernet\",\"Emergency\", \"Infrastructure\" \"Environment\" and \"Application\". There is a pre-determined order in which the policy framework manages the priority of these security policies. Ethernet category is for supporting layer 2 firewall rules. The other four categories are applicable for layer 3 rules. Amongst them, the Emergency category has the highest priority followed by Infrastructure, Environment and then Application rules. Administrator can choose to categorize a security policy into the above categories or can choose to leave it empty. If empty it will have the least precedence w.r.t the above four categories. - Edge Firewall - Policy Framework for Edge Firewall provides six pre-defined categories \"Emergency\", \"SystemRules\", \"SharedPreRules\", \"LocalGatewayRules\", \"AutoServiceRules\" and \"Default\", in order of priority of rules. All categories are allowed for Gatetway Policies that belong to 'default' Domain. However, for user created domains, category is restricted to \"SharedPreRules\" or \"LocalGatewayRules\" only. Also, the users can add/modify/delete rules from only the \"SharedPreRules\" and \"LocalGatewayRules\" categories. If user doesn't specify the category then defaulted to \"Rules\". System generated category is used by NSX created rules, for example BFD rules. Autoplumbed category used by NSX verticals to autoplumb data path rules. Finally, \"Default\" category is the placeholder default rules with lowest in the order of priority.",
"required": false,
"title": "A way to classify a security policy, if needed.",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"comments": {
"description": "Comments for security policy lock/unlock.",
"readonly": false,
"required": false,
"title": "SecurityPolicy lock/unlock comments",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"internal_sequence_number": {
"description": "This field is to indicate the internal sequence number of a policy with respect to the policies across categories.",
"readonly": true,
"title": "Internal sequence number",
"type": "int"
},
"is_default": {
"description": "A flag to indicate whether policy is a default policy.",
"readonly": true,
"required": false,
"title": "Default policy flag",
"type": "boolean"
},
"lock_modified_by": {
"description": "ID of the user who last modified the lock for the secruity policy.",
"readonly": true,
"required": false,
"title": "User who locked the security policy",
"type": "string"
},
"lock_modified_time": {
"$ref": "EpochMsTimestamp,
"description": "SecurityPolicy locked/unlocked time in epoch milliseconds.",
"readonly": true,
"required": false,
"title": "SecuirtyPolicy locked/unlocked time"
},
"locked": {
"default": false,
"description": "Indicates whether a security policy should be locked. If the security policy is locked by a user, then no other user would be able to modify this security policy. Once the user releases the lock, other users can update this security policy.",
"required": false,
"title": "Lock a security policy",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_count": {
"description": "The count of rules in the policy.",
"readonly": true,
"title": "Rule count",
"type": "int"
},
"rules": {
"items": {
"$ref": "TlsRule
},
"required": false,
"title": "Rules that are a part of this TLSPolicy",
"type": "array"
},
"scheduler_path": {
"description": "Provides a mechanism to apply the rules in this policy for a specified time duration.",
"readonly": false,
"required": false,
"title": "Path to the scheduler for time based scheduling",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SECURITY_POLICY_SCHEDULER_RELATIONSHIP",
"rightType": [
"PolicyFirewallScheduler"
]
}
]
},
"scope": {
"description": "The list of group paths where the rules in this policy will get applied. This scope will take precedence over rule level scope. Supported only for security and redirection policies. In case of RedirectionPolicy, it is expected only when the policy is NS and redirecting to service chain.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"ForwardingPolicy",
"SecurityPolicy"
],
"relationshipType": "COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"PolicyLabel"
]
},
{
"leftType": [
"RedirectionPolicy"
],
"relationshipType": "REDIRECTION_COMMUNICATION_MAP_SCOPE_RELATIONSHIP",
"rightType": [
"Group",
"Tier1",
"Tier0"
]
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between security policies across domains. In order to change the sequence number of a policy one can fire a POST request on the policy entity with a query parameter action=revise The sequence number field will reflect the value of the computed sequence number upon execution of the above mentioned POST request. For scenarios where the administrator is using a template to update several security policies, the only way to set the sequence number is to explicitly specify the sequence number for each security policy. If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple policies with the same sequence number then their order is not deterministic. If a specific order of policies is desired, then one has to specify unique sequence numbers or use the POST request on the policy entity with a query parameter action=revise to let the framework assign a sequence number. The value of sequence number must be between 0 and 999,999.",
"minimum": 0,
"title": "Sequence number to resolve conflicts across Domains",
"type": "int"
},
"stateful": {
"description": "Stateful or Stateless nature of security policy is enforced on all rules in this security policy. When it is stateful, the state of the network connects are tracked and a stateful packet inspection is performed. Layer3 security policies can be stateful or stateless. By default, they are stateful. Layer2 security policies can only be stateless.",
"readonly": false,
"required": false,
"title": "Stateful nature of the entries within this security policy.",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tcp_strict": {
"description": "Ensures that a 3 way TCP handshake is done before the data packets are sent. tcp_strict=true is supported only for stateful security policies. If the tcp_strict flag is not specified and the security policy is stateful, then tcp_strict will be set to true.",
"readonly": false,
"required": false,
"title": "Enforce strict tcp handshake before allowing data packets",
"type": "boolean"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Contains ordered list of Rules for TLSPolicy",
"type": "object"
}
TlsProfile (type)
{
"abstract": true,
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "TlsProfile",
"module_id": "PolicyTlsActionProfile",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"attention": {
"description": "Used to indicate an TLS version or Cipher version pre-defined settings mis-match.",
"readonly": true,
"required": false,
"title": "TLS Pre-defined settings mis-match",
"type": "string"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"crls": {
"default": [
"/infra/crls/default_public_crl"
],
"description": "Bypass profile - CRL is required if the \"invalid_certificate\" action is allow. External profile - CRL is always required. Internal profile - CRL is required if \"certificate_validation\" is turned on.",
"items": {
"type": "string"
},
"maxItems": 100,
"required": false,
"title": "Certificate Revocation List Ids",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"idle_connection_timeout": {
"default": 5400,
"description": "Timeout the connection when kept idle. Default is 90 minutes.",
"maximum": 4320000,
"minimum": 1,
"required": false,
"title": "Idle connection timeout in seconds",
"type": "int"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "Resource type to use as profile type",
"enum": [
"TlsInspectionBypassProfile",
"TlsInspectionExternalProfile",
"TlsInspectionInternalProfile"
],
"help_summary": "Possible values are\n'TlsInspectionExternalProfile',\n'TlsInspectionInternalProfile'\n",
"required": true,
"title": "Resource type to use as profile type.",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"trusted_ca_bundles": {
"default": [
"/infra/cabundles/default_trusted_public_ca_bundle"
],
"description": "Bypass profile - CA bundle is required if the \"invalid_certificate\" action is allow. External profile - CA bundle is always required. Internal profile - CA bundle is required if \"certificate_validation\" is turned on.",
"items": {
"type": "string"
},
"maxItems": 100,
"required": false,
"title": "List of CA bundle Ids",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"type": "object"
}
TlsProtocol (type)
{
"additionalProperties": false,
"enum": [
"TLS_V1_2",
"TLS_V1_1",
"TLS_V1_0"
],
"id": "TlsProtocol",
"module_id": "PolicyTlsActionProfile",
"title": "TLS protocol",
"type": "string"
}
TlsRule (type)
{
"additionalProperties": false,
"description": "A rule indicates the decryption actions to be performed for various types of traffic flowing between workload groups.",
"extends": {
"$ref": "BaseRule
},
"id": "TlsRule",
"module_id": "PolicyTls",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"destination_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Destination group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_DEST_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"destinations_excluded": {
"default": false,
"description": "If set to true, the rule gets applied on all the groups that are NOT part of the destination groups. If false, the rule applies to the destination groups",
"readonly": false,
"required": false,
"title": "Negation of destination groups",
"type": "boolean"
},
"direction": {
"default": "IN_OUT",
"description": "Define direction of traffic.",
"enum": [
"IN",
"OUT",
"IN_OUT"
],
"required": false,
"title": "Direction",
"type": "string"
},
"disabled": {
"default": false,
"description": "Flag to disable the rule. Default is enabled.",
"readonly": false,
"required": false,
"title": "Flag to disable the rule",
"type": "boolean"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"ip_protocol": {
"description": "Type of IP packet that should be matched while enforcing the rule. The value is set to IPV4_IPV6 for Layer3 rule if not specified. For Layer2/Ether rule the value must be null.",
"enum": [
"IPV4",
"IPV6",
"IPV4_IPV6"
],
"readonly": false,
"required": false,
"title": "IPv4 vs IPv6 packet type",
"type": "string"
},
"is_default": {
"description": "A flag to indicate whether rule is a default rule.",
"readonly": true,
"required": false,
"title": "Default rule flag",
"type": "boolean"
},
"logged": {
"default": false,
"description": "Flag to enable packet logging. Default is disabled.",
"readonly": false,
"required": false,
"title": "Enable logging flag",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"notes": {
"description": "Text for additional notes on changes.",
"maxLength": 2048,
"readonly": false,
"required": false,
"title": "Text for additional notes on changes",
"type": "string"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"profiles": {
"description": "Holds the list of layer 7 service profile paths. These profiles accept attributes and sub-attributes of various network services (e.g. L4 AppId, encryption algorithm, domain name, etc) as key value pairs. Instead of Layer 7 service profiles you can use a L7 access profile. One of either Layer 7 service profiles or L7 Access Profile can be used in firewall rule. In case of L7 access profile only one is allowed.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Layer 7 service profiles or TLS action profile",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_CONTEXT_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyContextProfile"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_CONTEXT_PROFILE_RELATIONSHIP",
"rightType": [
"PolicyContextProfile"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_IDS_PROFILE_RELATIONSHIP",
"rightType": [
"IdsProfile",
"IdsProfile"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"rule_id": {
"description": "This is a unique 4 byte positive number that is assigned by the system. This rule id is passed all the way down to the data path. The first 1GB (1000 to 2^30) will be shared by GM and LM with zebra style striped number space. For E.g 1000 to (1Million -1) by LM, (1M - 2M-1) by GM and so on.",
"readonly": true,
"required": false,
"title": "Unique rule ID",
"type": "integer"
},
"scope": {
"description": "The list of policy paths where the rule is applied LR/Edge/T0/T1/LRP etc. Note that a given rule can be applied on multiple LRs/LRPs.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier0Interface",
"Tier1Interface",
"Tier0",
"Tier1",
"IPSecVpnSession",
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier1Interface",
"Tier0",
"Tier1Interface",
"Tier1",
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SCOPE_RELATIONSHIP",
"rightType": [
"PolicyLabel",
"Tier1Interface",
"Tier0",
"Tier1Interface",
"Tier1",
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"sequence_number": {
"description": "This field is used to resolve conflicts between multiple Rules under Security or Gateway Policy for a Domain If no sequence number is specified in the payload, a value of 0 is assigned by default. If there are multiple rules with the same sequence number then their order is not deterministic. If a specific order of rules is desired, then one has to specify unique sequence numbers or use the POST request on the rule entity with a query parameter action=revise to let the framework assign a sequence number",
"minimum": 0,
"required": false,
"title": "Sequence number of the this Rule",
"type": "int"
},
"service_entries": {
"description": "In order to specify raw services this can be used, along with services which contains path to services. This can be empty or null.",
"items": {
"$ref": "ServiceEntry
},
"maxItems": 128,
"required": false,
"title": "Raw services",
"type": "array"
},
"services": {
"description": "In order to specify all services, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the services array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Names of services",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SERVICE_RELATIONSHIP",
"rightType": [
"Service"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"source_groups": {
"description": "We need paths as duplicate names may exist for groups under different domains. Along with paths we support IP Address of type IPv4 and IPv6. IP Address can be in one of the format(CIDR, IP Address, Range of IP Address). In order to specify all groups, use the constant \"ANY\". This is case insensitive. If \"ANY\" is used, it should be the ONLY element in the group array. Error will be thrown if ANY is used in conjunction with other values.",
"items": {
"type": "string"
},
"maxItems": 128,
"required": false,
"title": "Source group paths",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"Rule",
"ForwardingRule",
"RedirectionRule"
],
"relationshipType": "COMMUNICATION_ENTRY_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"TlsRule"
],
"relationshipType": "TLS_GATEWAY_RULE_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"IdsRule"
],
"relationshipType": "IDS_RULE_SOURCE_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
},
{
"leftType": [
"SecurityPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"GatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"ForwardingPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
},
{
"leftType": [
"IdsGatewayPolicy"
],
"relationshipType": "IGNORE",
"rightType": []
}
]
},
"sources_excluded": {
"default": false,
"description": "If set to true, the rule gets applied on all the groups that are NOT part of the source groups. If false, the rule applies to the source groups",
"readonly": false,
"required": false,
"title": "Negation of source groups",
"type": "boolean"
},
"tag": {
"description": "User level field which will be printed in CLI and packet logs. Even though there is no limitation on length of a tag, internally tag will get truncated after 32 characters.",
"required": false,
"title": "Tag applied on the rule",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tls_profile": {
"description": "TLS profile path.",
"required": true,
"title": "TLS inspection action profile path",
"type": "string"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "A rule specifies the TLS policy rule between the workload groups",
"type": "object"
}
TlsTrustData (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "TlsTrustData",
"module_id": "PolicyCertificate",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"key_algo": {
"description": "Key algorithm contained in this certificate.",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"passphrase": {
"description": "Password for private key encryption.",
"readonly": false,
"required": false,
"sensitive": true,
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"pem_encoded": {
"description": "pem encoded certificate data.",
"readonly": false,
"required": true,
"type": "string"
},
"private_key": {
"description": "private key data",
"readonly": false,
"required": false,
"sensitive": true,
"type": "string"
},
"purpose": {
"description": "Purpose of this certificate. Can be empty or set to \"signing-ca\".",
"enum": [
"signing-ca"
],
"readonly": false,
"required": false,
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"type": "object"
}
TnNodeStackSpanStatus (type)
{
"description": "List all the TNs spaned in L3PortMirrorSession mirror stack health status.",
"id": "TnNodeStackSpanStatus",
"module_id": "PortMirroring",
"properties": {
"dedicated_stack_status": {
"$ref": "MirrorStackStatusType,
"description": "Show the dedicated mirror stack health status, if the TN node has the mirror stack, it will show SUCCESS or it will show FAILED.",
"required": true,
"title": "Mirror stack health status"
},
"detail": {
"description": "Give the detail info for mirror stack and vmknic health status. If the stack or vmknic is FAILED, detail info will tell user reason why the stauts is FAILED. So that user can correct their configuration.",
"required": true,
"title": "give detail info and reason about the vmknic and statck status",
"type": "string"
},
"last_updated_time": {
"$ref": "EpochMsTimestamp,
"description": "TN miror stack status will be updated periodically, this item indicates the lastest timestamp of TN node stack status is updated.",
"required": true,
"title": "last updated time of TN node stack status"
},
"tn_node_id": {
"description": "For L3PortMirrorSession configured mirror stack, show the TN node UUID which spaned in L3PortMirrorSession.",
"title": "TN node ID that configured L3PortMirrorSession mirror stack",
"type": "string"
},
"tn_node_name": {
"description": "For L3PortMirrorSession configured mirror stack, show the TN node friendly name which spaned in L3PortMirrorSession.",
"required": true,
"title": "TN node name that configured L3SPAN mirror stack",
"type": "string"
},
"vmknic_status": {
"$ref": "MirrorStackStatusType,
"description": "Show the vmknic health status, if the vmknic has been bouned to mirror stack, it will show SUCCESS or it will show FAILED.",
"required": true,
"title": "Mirror vmknic status"
}
},
"title": "List all L3PortMirrorSession TN nodes mirror stack health status",
"type": "object"
}
TokenBasedPrincipalIdentity (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "TokenBasedPrincipalIdentity",
"module_id": "CertificateManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_protected": {
"description": "Indicator whether the entities created by this principal should be protected.",
"readonly": false,
"required": false,
"title": "Protection indicator",
"type": "boolean"
},
"name": {
"description": "Name of the principal. This will be matched to the name provided in the token.",
"maxLength": 255,
"pattern": "^[a-zA-Z0-9]+([-._@]?[a-zA-Z0-9]+)*$",
"readonly": false,
"required": true,
"title": "Name",
"type": "string"
},
"node_id": {
"description": "Unique node-id of a principal. This is used primarily in the case where a cluster of nodes is used to make calls to the NSX Manager and the same 'name' is used so that the nodes can access and modify the same data while still accessing NSX through their individual secret (certificate or JWT). In all other cases this can be any string.",
"maxLength": 255,
"pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$",
"readonly": false,
"required": true,
"title": "Unique node-id",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
TokenBasedPrincipalIdentityListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "TokenBasedPrincipalIdentityListResult",
"module_id": "CertificateManager",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"description": "TokenBasedPrincipalIdentity list.",
"items": {
"$ref": "TokenBasedPrincipalIdentity
},
"readonly": false,
"required": true,
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Token-based PrincipalIdentity query result",
"type": "object"
}
Tooltip (type)
{
"additionalProperties": false,
"description": "Tooltip to be shown while hovering over the dashboard UI element.",
"id": "Tooltip",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"condition": {
"description": "If the condition is met then the tooltip will be applied. If no condition is provided, then the tooltip will be applied unconditionally. Examples of expression syntax are provided under 'example_request' section of 'CreateWidgetConfiguration' API.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"heading": {
"description": "If true, displays tooltip text in bold",
"title": "Tooltip will be treated as header.",
"type": "boolean"
},
"text": {
"description": "Text to be shown on tooltip while hovering over UI element. The text would be wrapped if it exceeds 80 chars.",
"maxLength": 1024,
"required": true,
"title": "Textbox shown at tooltip",
"type": "string"
}
},
"title": "Tooltip",
"type": "object"
}
Traceflow (type)
{
"extends": {
"$ref": "ManagedResource
},
"id": "Traceflow",
"module_id": "Traceflow",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"analysis": {
"items": {
"type": "string"
},
"readonly": true,
"title": "Traceflow result analysis notes",
"type": "array"
},
"counters": {
"$ref": "TraceflowObservationCounters,
"readonly": true,
"required": false,
"title": "observation counters"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"readonly": true,
"required": true,
"title": "The id of the traceflow round",
"type": "string"
},
"logical_counters": {
"$ref": "TraceflowObservationCounters,
"readonly": true,
"required": false,
"title": "counters of observations from logical components"
},
"lport_id": {
"readonly": true,
"required": false,
"title": "id of the source logical port used for injecting the traceflow packet",
"type": "string"
},
"operation_state": {
"enum": [
"IN_PROGRESS",
"FINISHED",
"FAILED"
],
"readonly": true,
"required": true,
"title": "Represents the traceflow operation state",
"type": "string"
},
"request_status": {
"description": "The status of the traceflow RPC request. SUCCESS - The traceflow request is sent successfully. TIMEOUT - The traceflow request gets timeout. SOURCE_PORT_NOT_FOUND - The source port of the request cannot be found. DATA_PATH_NOT_READY - The datapath component cannot be ready to receive request. CONNECTION_ERROR - There is connection error on datapath component. UNKNOWN - The status of traceflow request cannot be determined.",
"enum": [
"SUCCESS",
"TIMEOUT",
"SOURCE_PORT_NOT_FOUND",
"DATA_PATH_NOT_READY",
"CONNECTION_ERROR",
"UNKNOWN"
],
"readonly": true,
"required": false,
"title": "Traceflow request status",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"result_overflowed": {
"readonly": true,
"required": false,
"title": "A flag, when set true, indicates some observations were deleted from the result set.",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"description": "Maximum time (in ms) the management plane will be waiting for this traceflow round. Upper limit for federation case is 90000, for non-federation case is 15000, the maximum is set to 90000 as the higher of the two cases.",
"maximum": 90000,
"minimum": 5000,
"readonly": true,
"required": false,
"title": "Timeout (in ms) for traceflow observations result list",
"type": "integer"
}
},
"type": "object"
}
TraceflowComponentSubType (type)
{
"enum": [
"LR_TIER0",
"LR_TIER1",
"LR_VRF_TIER0",
"LS_TRANSIT",
"SI_CLASSIFIER",
"SI_PROXY",
"VDR",
"ENI",
"AWS_GATEWAY",
"TGW_ROUTE",
"EDGE_UPLINK",
"DELL_GATEWAY",
"LGW_ROUTE",
"UNKNOWN"
],
"id": "TraceflowComponentSubType",
"module_id": "Traceflow",
"type": "string"
}
TraceflowComponentType (type)
{
"enum": [
"PHYSICAL",
"LR",
"LS",
"DFW",
"BRIDGE",
"EDGE_TUNNEL",
"EDGE_HOSTSWITCH",
"FW_BRIDGE",
"EDGE_RTEP_TUNNEL",
"LOAD_BALANCER",
"NAT",
"IPSEC",
"SERVICE_INSERTION",
"VMC",
"SPOOFGUARD",
"EDGE_FW",
"DLB",
"ANTREA_SPOOFGUARD",
"ANTREA_LB",
"ANTREA_ROUTING",
"ANTREA_DFW",
"ANTREA_FORWARDING",
"HOST_SWITCH",
"UNKNOWN"
],
"id": "TraceflowComponentType",
"module_id": "Traceflow",
"type": "string"
}
TraceflowConfig (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyConfigResource
},
"id": "TraceflowConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_transient": {
"default": true,
"description": "This field indicates if intent is transient and will be cleaned up by the system if set to true",
"required": false,
"title": "Marker to indicate if intent is transient",
"type": "boolean"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"packet": {
"$ref": "PacketData,
"description": "Configuration of packet data",
"required": true,
"title": "Packet configuration"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"segment_port_path": {
"deprecated": true,
"description": "Policy path or UUID of segment port to start traceflow from. Auto-plumbed ports don't have corresponding policy path. Ports auto-created by policy as part of connecting segment to Tier-0 or Tier-1 or DHCP server cannot be used. UUID is validated for syntax only. This configuration will be cleaned up by the system after two hours of inactivity.",
"title": "Segment Port Path or UUID",
"type": "string"
},
"source_id": {
"description": "Policy path or UUID of segment port to start traceflow from. Auto-plumbed ports don't have corresponding policy path. UUID is validated for syntax only. This configuration will be cleaned up by the system after two hours of inactivity.",
"title": "Segment Port Path or UUID",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"timeout": {
"default": 10,
"description": "Maximum time in seconds the management plane will wait for observation result to be generated. The default, minimum and maximum timeout values, in seconds, for: Single site environment - minimum 5, default 10, maximum 15. Federated enviroment - minimum 15, default 30, maximum 60. These values are validated by the system based on type of environment.",
"maximum": 60,
"minimum": 5,
"required": false,
"title": "Timeout for traceflow observation results",
"type": "integer"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Traceflow configuration",
"type": "object"
}
TraceflowConfigListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "TraceflowConfigListResult",
"module_id": "PolicyConnectivity",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "TraceflowConfig
},
"required": true,
"title": "TraceflowConfig list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Paged Collection of TraceflowConfigs",
"type": "object"
}
TraceflowObservation (type)
{
"abstract": true,
"additionalProperties": false,
"id": "TraceflowObservation",
"module_id": "Traceflow",
"polymorphic-type-descriptor": {
"mode": "enabled",
"property-name": "resource_type"
},
"properties": {
"component_name": {
"readonly": true,
"required": false,
"title": "The name of the component that issued the observation.",
"type": "string"
},
"component_sub_type": {
"$ref": "TraceflowComponentSubType,
"readonly": true,
"required": false,
"title": "The sub type of the component that issued the observation."
},
"component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the component that issued the observation."
},
"resource_type": {
"$ref": "TraceflowObservationType,
"default": "TraceflowObservationReceived",
"required": true
},
"sequence_no": {
"description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.",
"readonly": true,
"required": true,
"title": "the sequence number is the traceflow observation hop count",
"type": "integer"
},
"site_path": {
"description": "This field contains the site path where this observation was generated.",
"readonly": true,
"title": "Policy path of the federated site",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the observation was created by the transport node (milliseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node"
},
"timestamp_micro": {
"description": "Timestamp when the observation was created by the transport node (microseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node",
"type": "integer"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "id of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_name": {
"readonly": true,
"required": false,
"title": "name of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": false,
"title": "type of the transport node that observed a traceflow packet"
}
},
"type": "object"
}
TraceflowObservationCounters (type)
{
"id": "TraceflowObservationCounters",
"module_id": "Traceflow",
"properties": {
"delivered_count": {
"description": "Total number of delivered observations for this traceflow round.",
"readonly": true,
"required": false,
"title": "Delivered observation count",
"type": "integer"
},
"dropped_count": {
"description": "Total number of dropped observations for this round.",
"readonly": true,
"required": false,
"title": "Dropped observation count",
"type": "integer"
},
"forwarded_count": {
"description": "Total number of forwarded observations for this traceflow round.",
"readonly": true,
"required": false,
"title": "Forwarded observation count",
"type": "integer"
},
"received_count": {
"description": "Total number of received observations for this traceflow round.",
"readonly": true,
"required": false,
"title": "Received observation count",
"type": "integer"
}
},
"type": "object"
}
TraceflowObservationDelivered (type)
{
"extends": {
"$ref": "TraceflowObservation
},
"id": "TraceflowObservationDelivered",
"module_id": "Traceflow",
"polymorphic-type-descriptor": {
"type-identifier": "TraceflowObservationDelivered"
},
"properties": {
"component_name": {
"readonly": true,
"required": false,
"title": "The name of the component that issued the observation.",
"type": "string"
},
"component_sub_type": {
"$ref": "TraceflowComponentSubType,
"readonly": true,
"required": false,
"title": "The sub type of the component that issued the observation."
},
"component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the component that issued the observation."
},
"lport_id": {
"readonly": true,
"required": false,
"title": "The id of the logical port into which the traceflow packet was delivered",
"type": "string"
},
"lport_name": {
"readonly": true,
"required": false,
"title": "The name of the logical port into which the traceflow packet was delivered",
"type": "string"
},
"resolution_type": {
"description": "This field specifies the resolution type of ARP ARP_SUPPRESSION_PORT_CACHE - ARP request is suppressed by port DB ARP_SUPPRESSION_TABLE - ARP request is suppressed by ARP table ARP_SUPPRESSION_CP_QUERY - ARP request is suppressed by info derived from CP ARP_VM - No suppression and the ARP request is resolved.",
"enum": [
"UNKNOWN",
"ARP_SUPPRESSION_PORT_CACHE",
"ARP_SUPPRESSION_TABLE",
"ARP_SUPPRESSION_CP_QUERY",
"ARP_VM"
],
"readonly": true,
"required": false,
"title": "The resolution type of the delivered message for ARP",
"type": "string"
},
"resource_type": {
"$ref": "TraceflowObservationType,
"default": "TraceflowObservationReceived",
"required": true
},
"sequence_no": {
"description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.",
"readonly": true,
"required": true,
"title": "the sequence number is the traceflow observation hop count",
"type": "integer"
},
"site_path": {
"description": "This field contains the site path where this observation was generated.",
"readonly": true,
"title": "Policy path of the federated site",
"type": "string"
},
"target_mac": {
"description": "The source MAC address of form: \"^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$\". For example: 00:00:00:00:00:00.",
"readonly": true,
"required": false,
"title": "MAC address of the resolved IP by ARP",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the observation was created by the transport node (milliseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node"
},
"timestamp_micro": {
"description": "Timestamp when the observation was created by the transport node (microseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node",
"type": "integer"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "id of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_name": {
"readonly": true,
"required": false,
"title": "name of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": false,
"title": "type of the transport node that observed a traceflow packet"
},
"vlan_id": {
"$ref": "VlanID,
"required": false,
"title": "VLAN on bridged network"
}
},
"type": "object"
}
TraceflowObservationDropped (type)
{
"extends": {
"$ref": "TraceflowObservation
},
"id": "TraceflowObservationDropped",
"module_id": "Traceflow",
"polymorphic-type-descriptor": {
"type-identifier": "TraceflowObservationDropped"
},
"properties": {
"acl_rule_id": {
"description": "This field is specified when the traceflow packet matched a L3 firewall rule.",
"readonly": true,
"required": false,
"title": "The id of the L3 firewall rule that was applied to drop the traceflow packet",
"type": "integer"
},
"arp_fail_reason": {
"description": "This field specifies the ARP fails reason ARP_TIMEOUT - ARP failure due to query control plane timeout ARP_CPFAIL - ARP failure due post ARP query message to control plane failure ARP_FROMCP - ARP failure due to deleting ARP entry from control plane ARP_PORTDESTROY - ARP failure due to port destruction ARP_TABLEDESTROY - ARP failure due to ARP table destruction ARP_NETDESTROY - ARP failure due to overlay network destruction",
"enum": [
"ARP_UNKNOWN",
"ARP_TIMEOUT",
"ARP_CPFAIL",
"ARP_FROMCP",
"ARP_PORTDESTROY",
"ARP_TABLEDESTROY",
"ARP_NETDESTROY"
],
"readonly": true,
"required": false,
"title": "The detailed drop reason of ARP traceflow packet",
"type": "string"
},
"component_name": {
"readonly": true,
"required": false,
"title": "The name of the component that issued the observation.",
"type": "string"
},
"component_sub_type": {
"$ref": "TraceflowComponentSubType,
"readonly": true,
"required": false,
"title": "The sub type of the component that issued the observation."
},
"component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the component that issued the observation."
},
"jumpto_rule_id": {
"description": "This field is specified when the traceflow packet matched a jump-to rule.",
"readonly": true,
"required": false,
"title": "The ID of the jump-to rule that was applied to the traceflow packet",
"type": "integer"
},
"l2_rule_id": {
"description": "This field is specified when the traceflow packet matched a l2 rule.",
"readonly": true,
"required": false,
"title": "The ID of the l2 rule that was applied to the traceflow packet",
"type": "integer"
},
"lport_id": {
"readonly": true,
"required": false,
"title": "The id of the logical port at which the traceflow packet was dropped",
"type": "string"
},
"lport_name": {
"readonly": true,
"required": false,
"title": "The name of the logical port at which the traceflow packet was dropped",
"type": "string"
},
"nat_rule_id": {
"description": "This field is specified when the traceflow packet matched a NAT rule.",
"readonly": true,
"required": false,
"title": "The ID of the NAT rule that was applied to drop the traceflow packet",
"type": "integer"
},
"reason": {
"description": "This field specifies the drop reason of traceflow packet. ARP_FAIL - ARP request fails for some reasons, please refer arp_fail_reason for detail BFD - BFD packet is dropped because traversed by non-operative interface or encountering internal error (e.g., memory insufficient) BROADCAST - Packet is dropped during traversing the interface (e.g., Edge uplink, Edge centralized service port) which disallow ethernet broadcast DHCP - DHCP packet is malformed DLB - The packet is disallowed by distributed load balancing FW_RULE - The packet matches a drop or reject rule of DFW or Edge firewall GENEVE - GENEVE packet is malformed GRE - GRE packet is malformed or traverses a non-operative interface IFACE - Packet traverses a non-operative interface IP - Packet is dropped because of IP related causes (e.g., ICMPv4/ICMPv6 packet is malformed, or DF flag is set but fragment must be performed for the packet) or corresponding interface is not found or inoperative IP_REASS - Packet is dropped during IP reassembly IPSEC - IPsec protocol related packet is dropped IPSEC_VTI - IPsec required SA is not found or traversing inoperative interface cause packet dropped L2VPN - VLAN id of GRE packet is invalid L4PORT - Layer 4 packet (e.g., BFD, DHCP) is dropped LB - Packet is dropped by load balancing rule LROUTER - Packet is dropped by logical router LSERVICE - Packet is malformed or traverses inoperative logical service interface LSWITCH - Packet is dropped by logical switch MANAGEMENT - Packet is dropped by Edge datapath MANAGEMENT service port MD_PROXY - Packet is dropped by metadata proxy NAT - Packet is dropped by NAT rule RTEP_TUNNEL - Unused drop reason ND_NS_FAIL - Neighbor Discovery packet fails NEIGH - ARP or Neighbor Discovery packet fails NO_EIP_FOUND - Destination IP is not an elastic IP NO_EIP_ASSOCIATION - Elastic IP is not associated with active edge VDR ENI NO_ENI_FOR_IP - There is no ENI found for the destination IP NO_ENI_FOR_LIF - Cannot find an ENI associated with uplink LIF NO_ROUTE - Cannot find route for destination IP NO_ROUTE_TABLE_FOUND - Cannot find associated route table NO_UNDERLAY_ROUTE_FOUND - Cannot find AWS route to destination NOT_VDR_DOWNLINK - Packet is not forwarded to VMC unmanaged VDR downlink NO_VDR_FOUND - VMC unmanaged VDR associated with Edge uplink is not found NO_VDR_ON_HOST - Cannot find VMC unmanaged VDR list on this host NOT_VDR_UPLINK - Packet is not forwarded to VDR uplink SERVICE_INSERT - Packet from guest VM to service VM or from service VM to guest VM is dropped by firewall rule SPOOFGUARD - Packet is blocked by SpoofGuard policy TTL_ZERO - The IPv4 time to live field or the IPv6 hop limit field of packet is zero TUNNEL - Overlay tunnel management packet (VNI value of GENEVE header is 0, e.g., BFD) is dropped VLAN - VLAN id of packet is disallowed by the given port VXLAN - VXLAN packet is malformed or cannot find tunnel port for it VXSTT - Unused drop reason VMC_NO_RESPONSE - Failed to query VMC observations as no response from VMC app WRONG_UPLINK - Packet is not routed to the expected Edge uplink by VMC unmanaged VDR FW_STATE - Packet is dropped by stateful firewall",
"enum": [
"ARP_FAIL",
"BFD",
"BROADCAST",
"DHCP",
"DLB",
"FW_RULE",
"GENEVE",
"GRE",
"IFACE",
"IP",
"IP_REASS",
"IPSEC",
"IPSEC_VTI",
"L2VPN",
"L4PORT",
"LB",
"LROUTER",
"LSERVICE",
"LSWITCH",
"MANAGEMENT",
"MD_PROXY",
"NAT",
"RTEP_TUNNEL",
"ND_NS_FAIL",
"NEIGH",
"NO_EIP_FOUND",
"NO_EIP_ASSOCIATION",
"NO_ENI_FOR_IP",
"NO_ENI_FOR_LIF",
"NO_ROUTE",
"NO_ROUTE_TABLE_FOUND",
"NO_UNDERLAY_ROUTE_FOUND",
"NOT_VDR_DOWNLINK",
"NO_VDR_FOUND",
"NO_VDR_ON_HOST",
"NOT_VDR_UPLINK",
"SERVICE_INSERT",
"SPOOFGUARD",
"TTL_ZERO",
"TUNNEL",
"VLAN",
"VXLAN",
"VXSTT",
"VMC_NO_RESPONSE",
"WRONG_UPLINK",
"FW_STATE",
"NO_MAC",
"UNKNOWN"
],
"readonly": true,
"required": false,
"title": "The reason traceflow packet was dropped",
"type": "string"
},
"resource_type": {
"$ref": "TraceflowObservationType,
"default": "TraceflowObservationReceived",
"required": true
},
"sequence_no": {
"description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.",
"readonly": true,
"required": true,
"title": "the sequence number is the traceflow observation hop count",
"type": "integer"
},
"site_path": {
"description": "This field contains the site path where this observation was generated.",
"readonly": true,
"title": "Policy path of the federated site",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the observation was created by the transport node (milliseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node"
},
"timestamp_micro": {
"description": "Timestamp when the observation was created by the transport node (microseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node",
"type": "integer"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "id of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_name": {
"readonly": true,
"required": false,
"title": "name of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": false,
"title": "type of the transport node that observed a traceflow packet"
}
},
"type": "object"
}
TraceflowObservationDroppedLogical (type)
{
"extends": {
"$ref": "TraceflowObservationDropped
},
"id": "TraceflowObservationDroppedLogical",
"module_id": "Traceflow",
"polymorphic-type-descriptor": {
"type-identifier": "TraceflowObservationDroppedLogical"
},
"properties": {
"acl_rule_id": {
"description": "This field is specified when the traceflow packet matched a L3 firewall rule.",
"readonly": true,
"required": false,
"title": "The id of the L3 firewall rule that was applied to drop the traceflow packet",
"type": "integer"
},
"arp_fail_reason": {
"description": "This field specifies the ARP fails reason ARP_TIMEOUT - ARP failure due to query control plane timeout ARP_CPFAIL - ARP failure due post ARP query message to control plane failure ARP_FROMCP - ARP failure due to deleting ARP entry from control plane ARP_PORTDESTROY - ARP failure due to port destruction ARP_TABLEDESTROY - ARP failure due to ARP table destruction ARP_NETDESTROY - ARP failure due to overlay network destruction",
"enum": [
"ARP_UNKNOWN",
"ARP_TIMEOUT",
"ARP_CPFAIL",
"ARP_FROMCP",
"ARP_PORTDESTROY",
"ARP_TABLEDESTROY",
"ARP_NETDESTROY"
],
"readonly": true,
"required": false,
"title": "The detailed drop reason of ARP traceflow packet",
"type": "string"
},
"component_id": {
"readonly": true,
"required": false,
"title": "The id of the component that dropped the traceflow packet.",
"type": "string"
},
"component_name": {
"readonly": true,
"required": false,
"title": "The name of the component that issued the observation.",
"type": "string"
},
"component_sub_type": {
"$ref": "TraceflowComponentSubType,
"readonly": true,
"required": false,
"title": "The sub type of the component that issued the observation."
},
"component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the component that issued the observation."
},
"jumpto_rule_id": {
"description": "This field is specified when the traceflow packet matched a jump-to rule.",
"readonly": true,
"required": false,
"title": "The ID of the jump-to rule that was applied to the traceflow packet",
"type": "integer"
},
"l2_rule_id": {
"description": "This field is specified when the traceflow packet matched a l2 rule.",
"readonly": true,
"required": false,
"title": "The ID of the l2 rule that was applied to the traceflow packet",
"type": "integer"
},
"lport_id": {
"readonly": true,
"required": false,
"title": "The id of the logical port at which the traceflow packet was dropped",
"type": "string"
},
"lport_name": {
"readonly": true,
"required": false,
"title": "The name of the logical port at which the traceflow packet was dropped",
"type": "string"
},
"nat_rule_id": {
"description": "This field is specified when the traceflow packet matched a NAT rule.",
"readonly": true,
"required": false,
"title": "The ID of the NAT rule that was applied to drop the traceflow packet",
"type": "integer"
},
"reason": {
"description": "This field specifies the drop reason of traceflow packet. ARP_FAIL - ARP request fails for some reasons, please refer arp_fail_reason for detail BFD - BFD packet is dropped because traversed by non-operative interface or encountering internal error (e.g., memory insufficient) BROADCAST - Packet is dropped during traversing the interface (e.g., Edge uplink, Edge centralized service port) which disallow ethernet broadcast DHCP - DHCP packet is malformed DLB - The packet is disallowed by distributed load balancing FW_RULE - The packet matches a drop or reject rule of DFW or Edge firewall GENEVE - GENEVE packet is malformed GRE - GRE packet is malformed or traverses a non-operative interface IFACE - Packet traverses a non-operative interface IP - Packet is dropped because of IP related causes (e.g., ICMPv4/ICMPv6 packet is malformed, or DF flag is set but fragment must be performed for the packet) or corresponding interface is not found or inoperative IP_REASS - Packet is dropped during IP reassembly IPSEC - IPsec protocol related packet is dropped IPSEC_VTI - IPsec required SA is not found or traversing inoperative interface cause packet dropped L2VPN - VLAN id of GRE packet is invalid L4PORT - Layer 4 packet (e.g., BFD, DHCP) is dropped LB - Packet is dropped by load balancing rule LROUTER - Packet is dropped by logical router LSERVICE - Packet is malformed or traverses inoperative logical service interface LSWITCH - Packet is dropped by logical switch MANAGEMENT - Packet is dropped by Edge datapath MANAGEMENT service port MD_PROXY - Packet is dropped by metadata proxy NAT - Packet is dropped by NAT rule RTEP_TUNNEL - Unused drop reason ND_NS_FAIL - Neighbor Discovery packet fails NEIGH - ARP or Neighbor Discovery packet fails NO_EIP_FOUND - Destination IP is not an elastic IP NO_EIP_ASSOCIATION - Elastic IP is not associated with active edge VDR ENI NO_ENI_FOR_IP - There is no ENI found for the destination IP NO_ENI_FOR_LIF - Cannot find an ENI associated with uplink LIF NO_ROUTE - Cannot find route for destination IP NO_ROUTE_TABLE_FOUND - Cannot find associated route table NO_UNDERLAY_ROUTE_FOUND - Cannot find AWS route to destination NOT_VDR_DOWNLINK - Packet is not forwarded to VMC unmanaged VDR downlink NO_VDR_FOUND - VMC unmanaged VDR associated with Edge uplink is not found NO_VDR_ON_HOST - Cannot find VMC unmanaged VDR list on this host NOT_VDR_UPLINK - Packet is not forwarded to VDR uplink SERVICE_INSERT - Packet from guest VM to service VM or from service VM to guest VM is dropped by firewall rule SPOOFGUARD - Packet is blocked by SpoofGuard policy TTL_ZERO - The IPv4 time to live field or the IPv6 hop limit field of packet is zero TUNNEL - Overlay tunnel management packet (VNI value of GENEVE header is 0, e.g., BFD) is dropped VLAN - VLAN id of packet is disallowed by the given port VXLAN - VXLAN packet is malformed or cannot find tunnel port for it VXSTT - Unused drop reason VMC_NO_RESPONSE - Failed to query VMC observations as no response from VMC app WRONG_UPLINK - Packet is not routed to the expected Edge uplink by VMC unmanaged VDR FW_STATE - Packet is dropped by stateful firewall",
"enum": [
"ARP_FAIL",
"BFD",
"BROADCAST",
"DHCP",
"DLB",
"FW_RULE",
"GENEVE",
"GRE",
"IFACE",
"IP",
"IP_REASS",
"IPSEC",
"IPSEC_VTI",
"L2VPN",
"L4PORT",
"LB",
"LROUTER",
"LSERVICE",
"LSWITCH",
"MANAGEMENT",
"MD_PROXY",
"NAT",
"RTEP_TUNNEL",
"ND_NS_FAIL",
"NEIGH",
"NO_EIP_FOUND",
"NO_EIP_ASSOCIATION",
"NO_ENI_FOR_IP",
"NO_ENI_FOR_LIF",
"NO_ROUTE",
"NO_ROUTE_TABLE_FOUND",
"NO_UNDERLAY_ROUTE_FOUND",
"NOT_VDR_DOWNLINK",
"NO_VDR_FOUND",
"NO_VDR_ON_HOST",
"NOT_VDR_UPLINK",
"SERVICE_INSERT",
"SPOOFGUARD",
"TTL_ZERO",
"TUNNEL",
"VLAN",
"VXLAN",
"VXSTT",
"VMC_NO_RESPONSE",
"WRONG_UPLINK",
"FW_STATE",
"NO_MAC",
"UNKNOWN"
],
"readonly": true,
"required": false,
"title": "The reason traceflow packet was dropped",
"type": "string"
},
"resource_type": {
"$ref": "TraceflowObservationType,
"default": "TraceflowObservationReceived",
"required": true
},
"sequence_no": {
"description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.",
"readonly": true,
"required": true,
"title": "the sequence number is the traceflow observation hop count",
"type": "integer"
},
"service_path_index": {
"description": "The index of service path that is a chain of services represents the point where the traceflow packet was dropped.",
"readonly": true,
"required": false,
"title": "The index of service path",
"type": "integer"
},
"site_path": {
"description": "This field contains the site path where this observation was generated.",
"readonly": true,
"title": "Policy path of the federated site",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the observation was created by the transport node (milliseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node"
},
"timestamp_micro": {
"description": "Timestamp when the observation was created by the transport node (microseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node",
"type": "integer"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "id of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_name": {
"readonly": true,
"required": false,
"title": "name of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": false,
"title": "type of the transport node that observed a traceflow packet"
}
},
"type": "object"
}
TraceflowObservationForwarded (type)
{
"extends": {
"$ref": "TraceflowObservation
},
"id": "TraceflowObservationForwarded",
"module_id": "Traceflow",
"polymorphic-type-descriptor": {
"type-identifier": "TraceflowObservationForwarded"
},
"properties": {
"component_name": {
"readonly": true,
"required": false,
"title": "The name of the component that issued the observation.",
"type": "string"
},
"component_sub_type": {
"$ref": "TraceflowComponentSubType,
"readonly": true,
"required": false,
"title": "The sub type of the component that issued the observation."
},
"component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the component that issued the observation."
},
"context": {
"required": false,
"title": "The 64bit tunnel context carried on the wire",
"type": "integer"
},
"dst_transport_node_id": {
"description": "This field will not be always available. Use remote_ip_address when this field is not set.",
"readonly": true,
"required": false,
"title": "The id of the transport node to which the traceflow packet is forwarded",
"type": "string"
},
"dst_transport_node_name": {
"readonly": true,
"required": false,
"title": "The name of the transport node to which the traceflow packet is forwarded",
"type": "string"
},
"local_ip_address": {
"$ref": "IPAddress,
"required": false,
"title": "IP address of the source end of the tunnel"
},
"remote_ip_address": {
"$ref": "IPAddress,
"required": false,
"title": "IP address of the destination end of the tunnel"
},
"resource_type": {
"$ref": "TraceflowObservationType,
"default": "TraceflowObservationReceived",
"required": true
},
"sequence_no": {
"description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.",
"readonly": true,
"required": true,
"title": "the sequence number is the traceflow observation hop count",
"type": "integer"
},
"site_path": {
"description": "This field contains the site path where this observation was generated.",
"readonly": true,
"title": "Policy path of the federated site",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the observation was created by the transport node (milliseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node"
},
"timestamp_micro": {
"description": "Timestamp when the observation was created by the transport node (microseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node",
"type": "integer"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "id of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_name": {
"readonly": true,
"required": false,
"title": "name of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": false,
"title": "type of the transport node that observed a traceflow packet"
},
"uplink_name": {
"required": false,
"title": "The name of the uplink the traceflow packet is forwarded on",
"type": "string"
},
"vtep_label": {
"required": false,
"title": "The virtual tunnel endpoint label",
"type": "integer"
}
},
"type": "object"
}
TraceflowObservationForwardedLogical (type)
{
"extends": {
"$ref": "TraceflowObservation
},
"id": "TraceflowObservationForwardedLogical",
"module_id": "Traceflow",
"polymorphic-type-descriptor": {
"type-identifier": "TraceflowObservationForwardedLogical"
},
"properties": {
"acl_rule_id": {
"description": "This field is specified when the traceflow packet matched a L3 firewall rule.",
"readonly": true,
"required": false,
"title": "The id of the L3 firewall rule that was applied to forward the traceflow packet",
"type": "integer"
},
"component_id": {
"readonly": true,
"required": false,
"title": "The id of the component that forwarded the traceflow packet.",
"type": "string"
},
"component_name": {
"readonly": true,
"required": false,
"title": "The name of the component that issued the observation.",
"type": "string"
},
"component_sub_type": {
"$ref": "TraceflowComponentSubType,
"readonly": true,
"required": false,
"title": "The sub type of the component that issued the observation."
},
"component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the component that issued the observation."
},
"dst_component_id": {
"readonly": true,
"required": false,
"title": "The id of the destination component to which the traceflow packet was forwarded.",
"type": "string"
},
"dst_component_name": {
"readonly": true,
"required": false,
"title": "The name of the destination component to which the traceflow packet was forwarded.",
"type": "string"
},
"dst_component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the destination component to which the traceflow packet was forwarded."
},
"jumpto_rule_id": {
"description": "This field is specified when the traceflow packet matched a jump-to rule.",
"readonly": true,
"required": false,
"title": "The ID of the jump-to rule that was applied to the traceflow packet",
"type": "integer"
},
"l2_rule_id": {
"description": "This field is specified when the traceflow packet matched a l2 rule.",
"readonly": true,
"required": false,
"title": "The ID of the l2 rule that was applied to the traceflow packet",
"type": "integer"
},
"lport_id": {
"readonly": true,
"required": false,
"title": "The id of the logical port through which the traceflow packet was forwarded.",
"type": "string"
},
"lport_name": {
"readonly": true,
"required": false,
"title": "The name of the logical port through which the traceflow packet was forwarded.",
"type": "string"
},
"nat_rule_id": {
"description": "This field is specified when the traceflow packet matched a NAT rule.",
"readonly": true,
"required": false,
"title": "The ID of the NAT rule that was applied to forward the traceflow packet",
"type": "integer"
},
"resend_type": {
"description": "ARP_UNKNOWN_FROM_CP - Unknown ARP query result emitted by control plane ND_NS_UNKNOWN_FROM_CP - Unknown neighbor solicitation query result emitted by control plane UNKNOWN - Unknown resend type",
"enum": [
"UNKNOWN",
"ARP_UNKNOWN_FROM_CP",
"ND_NS_UNKNWON_FROM_CP"
],
"readonly": true,
"required": false,
"title": "The type of packet resending",
"type": "string"
},
"resource_type": {
"$ref": "TraceflowObservationType,
"default": "TraceflowObservationReceived",
"required": true
},
"sequence_no": {
"description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.",
"readonly": true,
"required": true,
"title": "the sequence number is the traceflow observation hop count",
"type": "integer"
},
"service_index": {
"readonly": true,
"required": false,
"title": "The index of the service insertion component",
"type": "integer"
},
"service_path_index": {
"readonly": true,
"required": false,
"title": "The path index of the service insertion component",
"type": "integer"
},
"service_ttl": {
"readonly": true,
"required": false,
"title": "The ttl of the service insertion component",
"type": "integer"
},
"site_path": {
"description": "This field contains the site path where this observation was generated.",
"readonly": true,
"title": "Policy path of the federated site",
"type": "string"
},
"spoofguard_ip": {
"$ref": "IPCIDRBlock,
"description": "This field specified the prefix IP address a traceflow packet matched in the whitelist in spoofguard.",
"readonly": true,
"required": false,
"title": "Prefix IP address matched in the whitelist in spoofguard"
},
"spoofguard_mac": {
"$ref": "MACAddress,
"description": "The source MAC address of form: \"^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$\". For example: 00:00:00:00:00:00.",
"readonly": true,
"required": false,
"title": "MAC address matched in the whitelist in spoofguard"
},
"spoofguard_vlan_id": {
"$ref": "VlanID,
"description": "This field specified the VLAN id a traceflow packet matched in the whitelist in spoofguard.",
"readonly": true,
"required": false,
"title": "VLAN id matched in the whitelist in spoofguard"
},
"svc_nh_mac": {
"description": "MAC address of nexthop for service insertion(SI) in service VM(SVM) where the traceflow packet was received.",
"readonly": true,
"required": false,
"title": "MAC address of nexthop",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the observation was created by the transport node (milliseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node"
},
"timestamp_micro": {
"description": "Timestamp when the observation was created by the transport node (microseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node",
"type": "integer"
},
"translated_dst_ip": {
"$ref": "IPAddress,
"readonly": true,
"required": false,
"title": "The translated destination IP address of VNP/NAT"
},
"translated_src_ip": {
"$ref": "IPAddress,
"readonly": true,
"required": false,
"title": "The translated source IP address of VPN/NAT"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "id of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_name": {
"readonly": true,
"required": false,
"title": "name of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": false,
"title": "type of the transport node that observed a traceflow packet"
},
"vlan": {
"$ref": "VlanID,
"description": "This field is specified when the traceflow packet was forwarded by a VLAN logical network.",
"readonly": true,
"required": false,
"title": "VLAN for the logical network on which the traceflow packet was forwarded"
},
"vni": {
"description": "This field is specified when the traceflow packet was forwarded by an overlay logical network.",
"readonly": true,
"required": false,
"title": "VNI for the logical network on which the traceflow packet was forwarded.",
"type": "int"
}
},
"type": "object"
}
TraceflowObservationListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "TraceflowObservationListResult",
"module_id": "Traceflow",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "TraceflowObservation
},
"required": false,
"title": "TraceflowObservation list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
TraceflowObservationReceived (type)
{
"extends": {
"$ref": "TraceflowObservation
},
"id": "TraceflowObservationReceived",
"module_id": "Traceflow",
"polymorphic-type-descriptor": {
"type-identifier": "TraceflowObservationReceived"
},
"properties": {
"component_name": {
"readonly": true,
"required": false,
"title": "The name of the component that issued the observation.",
"type": "string"
},
"component_sub_type": {
"$ref": "TraceflowComponentSubType,
"readonly": true,
"required": false,
"title": "The sub type of the component that issued the observation."
},
"component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the component that issued the observation."
},
"local_ip_address": {
"$ref": "IPAddress,
"required": false,
"title": "IP address of the destination end of the tunnel"
},
"remote_ip_address": {
"$ref": "IPAddress,
"required": false,
"title": "IP address of the source end of the tunnel"
},
"resource_type": {
"$ref": "TraceflowObservationType,
"default": "TraceflowObservationReceived",
"required": true
},
"sequence_no": {
"description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.",
"readonly": true,
"required": true,
"title": "the sequence number is the traceflow observation hop count",
"type": "integer"
},
"site_path": {
"description": "This field contains the site path where this observation was generated.",
"readonly": true,
"title": "Policy path of the federated site",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the observation was created by the transport node (milliseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node"
},
"timestamp_micro": {
"description": "Timestamp when the observation was created by the transport node (microseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node",
"type": "integer"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "id of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_name": {
"readonly": true,
"required": false,
"title": "name of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": false,
"title": "type of the transport node that observed a traceflow packet"
},
"uplink_name": {
"required": false,
"title": "The name of the uplink the traceflow packet is received on",
"type": "string"
},
"vtep_label": {
"required": false,
"title": "The virtual tunnel endpoint label",
"type": "integer"
}
},
"type": "object"
}
TraceflowObservationReceivedLogical (type)
{
"extends": {
"$ref": "TraceflowObservation
},
"id": "TraceflowObservationReceivedLogical",
"module_id": "Traceflow",
"polymorphic-type-descriptor": {
"type-identifier": "TraceflowObservationReceivedLogical"
},
"properties": {
"component_id": {
"readonly": true,
"required": false,
"title": "The id of the component that received the traceflow packet.",
"type": "string"
},
"component_name": {
"readonly": true,
"required": false,
"title": "The name of the component that issued the observation.",
"type": "string"
},
"component_sub_type": {
"$ref": "TraceflowComponentSubType,
"readonly": true,
"required": false,
"title": "The sub type of the component that issued the observation."
},
"component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the component that issued the observation."
},
"lport_id": {
"readonly": true,
"required": false,
"title": "The id of the logical port at which the traceflow packet was received",
"type": "string"
},
"lport_name": {
"readonly": true,
"required": false,
"title": "The name of the logical port at which the traceflow packet was received",
"type": "string"
},
"resource_type": {
"$ref": "TraceflowObservationType,
"default": "TraceflowObservationReceived",
"required": true
},
"sequence_no": {
"description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.",
"readonly": true,
"required": true,
"title": "the sequence number is the traceflow observation hop count",
"type": "integer"
},
"site_path": {
"description": "This field contains the site path where this observation was generated.",
"readonly": true,
"title": "Policy path of the federated site",
"type": "string"
},
"src_component_id": {
"readonly": true,
"required": false,
"title": "The id of the source component from which the traceflow packet was received.",
"type": "string"
},
"src_component_name": {
"readonly": true,
"required": false,
"title": "The name of source component from which the traceflow packet was received.",
"type": "string"
},
"src_component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the source component from which the traceflow packet was received."
},
"svc_mac": {
"description": "MAC address of SAN volume controller for service insertion(SI) in service VM(SVM) where the traceflow packet was received.",
"readonly": true,
"required": false,
"title": "MAC address of SAN volume controller",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the observation was created by the transport node (milliseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node"
},
"timestamp_micro": {
"description": "Timestamp when the observation was created by the transport node (microseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node",
"type": "integer"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "id of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_name": {
"readonly": true,
"required": false,
"title": "name of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": false,
"title": "type of the transport node that observed a traceflow packet"
},
"vlan": {
"$ref": "VlanID,
"description": "This field is specified when the traceflow packet was received by a VLAN logical network.",
"readonly": true,
"required": false,
"title": "VLAN for the logical network on which the traceflow packet was received."
},
"vni": {
"description": "This field is specified when the traceflow packet was received by an overlay logical network.",
"readonly": true,
"required": false,
"title": "VNI for the logical network on which the traceflow packet was received.",
"type": "int"
}
},
"type": "object"
}
TraceflowObservationRelayedLogical (type)
{
"extends": {
"$ref": "TraceflowObservation
},
"id": "TraceflowObservationRelayedLogical",
"module_id": "Traceflow",
"polymorphic-type-descriptor": {
"type-identifier": "TraceflowObservationRelayedLogical"
},
"properties": {
"component_name": {
"readonly": true,
"required": false,
"title": "The name of the component that issued the observation.",
"type": "string"
},
"component_sub_type": {
"$ref": "TraceflowComponentSubType,
"readonly": true,
"required": false,
"title": "The sub type of the component that issued the observation."
},
"component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the component that issued the observation."
},
"dst_server_address": {
"$ref": "IPAddress,
"description": "This field specified the IP address of the destination which the packet will be relayed.",
"readonly": true,
"required": true,
"title": "The IP address of the destination"
},
"logical_comp_uuid": {
"description": "This field specified the logical component that relay service located.",
"readonly": true,
"required": false,
"title": "The id of the component which relay service located",
"type": "string"
},
"message_type": {
"default": "REQUEST",
"description": "This field specified the message type of the relay service REQUEST - The relay service will relay a request message to the destination server REPLY - The relay service will relay a reply message to the client",
"enum": [
"REQUEST",
"REPLY"
],
"readonly": true,
"required": true,
"title": "The type of the relay service",
"type": "string"
},
"relay_server_address": {
"$ref": "IPAddress,
"description": "This field specified the IP address of the relay service.",
"readonly": true,
"required": true,
"title": "The IP address of relay service"
},
"resource_type": {
"$ref": "TraceflowObservationType,
"default": "TraceflowObservationReceived",
"required": true
},
"sequence_no": {
"description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.",
"readonly": true,
"required": true,
"title": "the sequence number is the traceflow observation hop count",
"type": "integer"
},
"site_path": {
"description": "This field contains the site path where this observation was generated.",
"readonly": true,
"title": "Policy path of the federated site",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the observation was created by the transport node (milliseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node"
},
"timestamp_micro": {
"description": "Timestamp when the observation was created by the transport node (microseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node",
"type": "integer"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "id of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_name": {
"readonly": true,
"required": false,
"title": "name of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": false,
"title": "type of the transport node that observed a traceflow packet"
}
},
"type": "object"
}
TraceflowObservationReplicationLogical (type)
{
"extends": {
"$ref": "TraceflowObservation
},
"id": "TraceflowObservationReplicationLogical",
"module_id": "Traceflow",
"polymorphic-type-descriptor": {
"type-identifier": "TraceflowObservationReplicationLogical"
},
"properties": {
"component_name": {
"readonly": true,
"required": false,
"title": "The name of the component that issued the observation.",
"type": "string"
},
"component_sub_type": {
"$ref": "TraceflowComponentSubType,
"readonly": true,
"required": false,
"title": "The sub type of the component that issued the observation."
},
"component_type": {
"$ref": "TraceflowComponentType,
"readonly": true,
"required": false,
"title": "The type of the component that issued the observation."
},
"local_ip_address": {
"$ref": "IPAddress,
"readonly": true,
"required": false,
"title": "Local IP address of the component that replicates the packet."
},
"replication_type": {
"description": "This field specifies the type of replication message TX_VTEP - Transmit replication to all VTEPs TX_MTEP - Transmit replication to all MTEPs RX - Receive replication",
"enum": [
"TX_VTEP",
"TX_MTEP",
"RX"
],
"readonly": true,
"required": false,
"title": "The replication type of the message",
"type": "string"
},
"resource_type": {
"$ref": "TraceflowObservationType,
"default": "TraceflowObservationReceived",
"required": true
},
"sequence_no": {
"description": "the hop count for observations on the transport node that a traceflow packet is injected in will be 0. The hop count is incremented each time a subsequent transport node receives the traceflow packet. The sequence number of 999 indicates that the hop count could not be determined for the containing observation.",
"readonly": true,
"required": true,
"title": "the sequence number is the traceflow observation hop count",
"type": "integer"
},
"site_path": {
"description": "This field contains the site path where this observation was generated.",
"readonly": true,
"title": "Policy path of the federated site",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"description": "Timestamp when the observation was created by the transport node (milliseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node"
},
"timestamp_micro": {
"description": "Timestamp when the observation was created by the transport node (microseconds epoch)",
"readonly": true,
"required": false,
"title": "Timestamp when the observation was created by the transport node",
"type": "integer"
},
"transport_node_id": {
"readonly": true,
"required": false,
"title": "id of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_name": {
"readonly": true,
"required": false,
"title": "name of the transport node that observed a traceflow packet",
"type": "string"
},
"transport_node_type": {
"$ref": "TransportNodeType,
"readonly": true,
"required": false,
"title": "type of the transport node that observed a traceflow packet"
},
"uplink_name": {
"readonly": true,
"required": false,
"title": "The name of uplink",
"type": "string"
},
"vtep_label": {
"readonly": true,
"required": false,
"title": "The label of VTEP",
"type": "integer"
}
},
"type": "object"
}
TraceflowObservationType (type)
{
"enum": [
"TraceflowObservationForwarded",
"TraceflowObservationDropped",
"TraceflowObservationDelivered",
"TraceflowObservationReceived",
"TraceflowObservationForwardedLogical",
"TraceflowObservationDroppedLogical",
"TraceflowObservationReceivedLogical",
"TraceflowObservationReplicationLogical",
"TraceflowObservationRelayedLogical"
],
"id": "TraceflowObservationType",
"module_id": "Traceflow",
"type": "string"
}
TraceflowRequestParameter (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyRequestParameter
},
"id": "TraceflowRequestParameter",
"module_id": "PolicyConnectivity",
"polymorphic-type-descriptor": {
"type-identifier": "TraceflowRequestParameter"
},
"properties": {
"enforcement_point_path": {
"description": "Policy path of enforcement point on which traceflow session was created.",
"required": true,
"title": "Enforcement point path",
"type": "string"
},
"resource_type": {
"description": "The type of this request parameter.",
"readonly": false,
"required": true,
"type": "string"
}
},
"title": "Traceflow request parameter, used in hierarchical API.",
"type": "object"
}
TraceflowStatusRequest (type)
{
"additionalProperties": false,
"id": "TraceflowStatusRequest",
"module_id": "PolicyConnectivity",
"properties": {
"enforcement_point_path": {
"description": "Policy path of enforcement point on which traceflow session was created.",
"title": "Enforcement point path",
"type": "string"
}
},
"title": "Traceflow request status",
"type": "object"
}
TrafficRateLimits (type)
{
"description": "Enables traffic limit for incoming/outgoing broadcast and multicast packets. Use 0 to disable rate limiting for a specific traffic type",
"id": "TrafficRateLimits",
"module_id": "PolicySegmentSecurity",
"properties": {
"rx_broadcast": {
"default": 0,
"description": "Incoming broadcast traffic limit in packets per second",
"minimum": 0,
"readonly": false,
"required": false,
"title": "Broadcast receive limit",
"type": "int"
},
"rx_multicast": {
"default": 0,
"description": "Incoming multicast traffic limit in packets per second",
"minimum": 0,
"readonly": false,
"required": false,
"title": "Multicast receive limit",
"type": "int"
},
"tx_broadcast": {
"default": 0,
"description": "Outgoing broadcast traffic limit in packets per second",
"minimum": 0,
"readonly": false,
"required": false,
"title": "Broadcast transmit limit",
"type": "int"
},
"tx_multicast": {
"default": 0,
"description": "Outgoing multicast traffic limit in packets per second",
"minimum": 0,
"readonly": false,
"required": false,
"title": "Multicast transmit limit",
"type": "int"
}
},
"title": "Rate limiting configuration",
"type": "object"
}
TransportInfo (type)
{
"id": "TransportInfo",
"module_id": "LiveTrace",
"properties": {
"dst_port": {
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Destination port",
"type": "integer"
},
"protocol": {
"enum": [
"TCP",
"UDP",
"ICMPv4",
"ICMPv6"
],
"required": false,
"title": "Protocol type over IP layer",
"type": "string"
},
"src_port": {
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Source port",
"type": "integer"
}
},
"type": "object"
}
TransportNodeIdParameters (type)
{
"extends": {
"$ref": "DataSourceParameters
},
"id": "TransportNodeIdParameters",
"module_id": "AggSvcL2Types",
"properties": {
"source": {
"$ref": "DataSourceType,
"required": false,
"title": "The data source, either realtime or cached. If not provided, cached data is returned."
},
"transport_node_id": {
"required": false,
"title": "TransportNode Id",
"type": "string"
}
},
"type": "object"
}
TransportNodeSpanEnforcedStatus (type)
{
"additionalProperties": false,
"description": "Detailed Realized Status of an Intent on a span of Transport Nodes.",
"extends": {
"$ref": "EnforcedStatusPerScopeNsxT
},
"id": "TransportNodeSpanEnforcedStatus",
"module_id": "PolicyRealizationStatus",
"polymorphic-type-descriptor": {
"type-identifier": "TransportNodeSpanEnforcedStatus"
},
"properties": {
"enforced_status_per_transport_node": {
"description": "List of Detailed Realized Status per Transport Node.",
"items": {
"$ref": "EnforcedStatusPerTransportNode
},
"readonly": true,
"title": "List of Enforced Realized Status per Transport Node",
"type": "array"
},
"resource_type": {
"description": "Enforced Realized Status Per Scope Resource Type.",
"enum": [
"TransportNodeSpanEnforcedStatus"
],
"readonly": true,
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "Enforced Realized Status across Transport Nodes",
"type": "object"
}
TransportNodeType (type)
{
"enum": [
"ESX",
"RHELKVM",
"UBUNTUKVM",
"CENTOSKVM",
"RHELCONTAINER",
"CENTOSCONTAINER",
"RHELSERVER",
"UBUNTUSERVER",
"CENTOSSERVER",
"SLESKVM",
"SLESSERVER",
"WINDOWSSERVER",
"RHELSMARTNIC",
"OELSERVER",
"UBUNTUSMARTNIC",
"EDGE",
"PUBLIC_CLOUD_GATEWAY_NODE",
"OTHERS",
"HYPERV"
],
"id": "TransportNodeType",
"module_id": "Traceflow",
"type": "string"
}
TransportProtocolHeader (type)
{
"additionalProperties": false,
"id": "TransportProtocolHeader",
"module_id": "Traceflow",
"properties": {
"dhcp_header": {
"$ref": "DhcpHeader,
"required": false,
"title": "DHCP header"
},
"dhcpv6_header": {
"$ref": "Dhcpv6Header,
"required": false,
"title": "DHCP v6 header"
},
"dns_header": {
"$ref": "DnsHeader,
"required": false,
"title": "DNS header"
},
"icmp_echo_request_header": {
"$ref": "IcmpEchoRequestHeader,
"required": false,
"title": "ICMP echo request header"
},
"ndp_header": {
"$ref": "NdpHeader,
"required": false,
"title": "Neighbor discovery protocol header"
},
"tcp_header": {
"$ref": "TcpHeader,
"required": false,
"title": "TCP header"
},
"udp_header": {
"$ref": "UdpHeader,
"required": false,
"title": "UDP header"
}
},
"type": "object"
}
TriggerUcUpgradeParameters (type)
{
"id": "TriggerUcUpgradeParameters",
"properties": {
"product_version": {
"description": "Target upgrade coordinator version.",
"pattern": "^[a-zA-Z0-9-.]+$",
"title": "Target upgrade coordinator version.",
"type": "string"
}
},
"type": "object"
}
TrustManagementData (type)
{
"additionalProperties": false,
"id": "TrustManagementData",
"module_id": "CertificateManager",
"properties": {
"supported_algorithms": {
"description": "List of supported algorithms.",
"items": {
"$ref": "CryptoAlgorithm
},
"readonly": true,
"required": false,
"type": "array"
}
},
"type": "object"
}
TrustObjectData (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "TrustObjectData",
"module_id": "CertificateManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"key_algo": {
"description": "Key algorithm contained in this certificate.",
"type": "string"
},
"passphrase": {
"description": "Password for private key encryption.",
"readonly": false,
"required": false,
"sensitive": true,
"type": "string"
},
"pem_encoded": {
"description": "PEM encoded certificate data.",
"readonly": false,
"required": true,
"type": "string"
},
"private_key": {
"description": "Private key data.",
"readonly": false,
"required": false,
"sensitive": true,
"type": "string"
},
"purpose": {
"description": "Purpose of this certificate. Can be empty or set to \"signing-ca\".",
"enum": [
"signing-ca"
],
"readonly": false,
"required": false,
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
TunnelInterfaceIPSubnet (type)
{
"additionalProperties": false,
"id": "TunnelInterfaceIPSubnet",
"module_id": "PolicyVpnIPSecVpn",
"properties": {
"ip_addresses": {
"items": {
"$ref": "IPv4Address
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "IPv4 Addresses",
"type": "array"
},
"prefix_length": {
"maximum": 31,
"minimum": 1,
"required": true,
"title": "Subnet Prefix Length",
"type": "integer"
}
},
"type": "object"
}
TunnelSubnet (type) (Deprecated)
{
"additionalProperties": false,
"deprecated": true,
"id": "TunnelSubnet",
"module_id": "PolicyL3Vpn",
"properties": {
"ip_addresses": {
"items": {
"$ref": "IPv4Address
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "Subnet ip addresses",
"type": "array",
"uniqueItems": true
},
"prefix_length": {
"maximum": 31,
"minimum": 1,
"required": true,
"title": "Subnet Prefix Length",
"type": "integer"
}
},
"type": "object"
}
UcFunctionalState (type)
{
"additionalProperties": false,
"description": "Upgrade coordinator Uc functional State.",
"id": "UcFunctionalState",
"module_id": "Upgrade",
"properties": {
"error_message": {
"description": "error message that explains why UC is on standby mode.",
"readonly": true,
"required": false,
"title": "error message",
"type": "string"
},
"state": {
"description": "function state of the upgrade coordinator",
"enum": [
"RUNNING",
"STANDBY"
],
"readonly": true,
"required": true,
"title": "State of UC UI",
"type": "string"
}
},
"title": "Uc Functional State",
"type": "object"
}
UcStateProperties (type)
{
"additionalProperties": false,
"id": "UcStateProperties",
"properties": {
"update_uc_state_properties": {
"default": true,
"required": false,
"title": "Flag for updating upgrade-coodinator state properties to database",
"type": "boolean"
}
},
"title": "Upgrade Coordinator state properties",
"type": "object"
}
UcUpgradeStatus (type)
{
"additionalProperties": false,
"description": "Upgrade status of upgrade-coordinator",
"id": "UcUpgradeStatus",
"module_id": "Upgrade",
"properties": {
"errors": {
"description": "List of failure messages.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of failure messages",
"type": "array"
},
"progress_messages": {
"description": "List of progress messages.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Progress messages",
"type": "array"
},
"progress_percentage": {
"readonly": true,
"required": false,
"title": "Upgrade Coordinator Upgrade Progress Percentage",
"type": "int"
},
"state": {
"description": "Current state of UC upgrade",
"enum": [
"NOT_STARTED",
"IN_PROGRESS",
"SUCCESS",
"FAILED"
],
"readonly": true,
"required": false,
"title": "State of UC upgrade",
"type": "string"
},
"status": {
"description": "Status of UC upgrade.",
"readonly": true,
"required": false,
"title": "Status of UC upgrade",
"type": "string"
}
},
"title": "UC Upgrade status",
"type": "object"
}
UdpHeader (type)
{
"additionalProperties": false,
"id": "UdpHeader",
"module_id": "Traceflow",
"properties": {
"dst_port": {
"default": 0,
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Destination port of udp header",
"type": "integer"
},
"src_port": {
"default": 0,
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Source port of udp header",
"type": "integer"
}
},
"type": "object"
}
UnaryOperation (type)
{
"additionalProperties": false,
"description": "Unary Operation.",
"id": "UnaryOperation",
"module_id": "PolicyReaction",
"properties": {
"operand": {
"$ref": "ResourceFieldPointer,
"description": "Represents an argument of the operation pointing to a specific field value.",
"required": true,
"title": "Operand"
},
"operator": {
"description": "Logical Operator describing the operation to apply to the operand.",
"enum": [
"APPEND",
"SUBTRACT"
],
"required": true,
"title": "Operator",
"type": "string"
}
},
"title": "Unary Operation",
"type": "object"
}
UnaryOperationBasedInjectionValue (type)
{
"additionalProperties": false,
"description": "Operation based Injection Value.",
"extends": {
"$ref": "InjectionValue
},
"id": "UnaryOperationBasedInjectionValue",
"module_id": "PolicyReaction",
"polymorphic-type-descriptor": {
"type-identifier": "UnaryOperationBasedInjectionValue"
},
"properties": {
"initial_value": {
"$ref": "ResourceFieldPointer,
"description": "Resource field pointer representing the initial value for the injection value. If an operation is supplied, the value is handed to the operation function to produce a final result.",
"required": true,
"title": "Intitial value"
},
"operation": {
"$ref": "UnaryOperation,
"description": "Represents an optional operation to be done on the initial value.",
"title": "Operation Function"
},
"resource_type": {
"description": "Injection Value resource type.",
"enum": [
"UnaryOperationBasedInjectionValue"
],
"required": true,
"title": "Resource Type",
"type": "string"
}
},
"title": "Operation based Injection Value",
"type": "object"
}
UnboundedKeyValuePair (type)
{
"additionalProperties": false,
"id": "UnboundedKeyValuePair",
"module_id": "Common",
"properties": {
"key": {
"readonly": false,
"required": true,
"title": "Key",
"type": "string"
},
"value": {
"readonly": false,
"required": true,
"title": "Value",
"type": "string"
}
},
"title": "A key-value pair with no limitations on size",
"type": "object"
}
UnsupportedFeature (type)
{
"description": "List of unsupported features for configuration onboarding on global manager.",
"enum": [
"LB"
],
"id": "UnsupportedFeature",
"module_id": "GmConfigOnboarding",
"title": "Unsupported features",
"type": "string"
}
UpdateOidcEndPointThumbprintRequest (type)
{
"additionalProperties": false,
"description": "Request to update the thumbprint of an OpenID Connect end-point with a new thumbprint.",
"extends": {
"$ref": "ManagedResource
},
"id": "UpdateOidcEndPointThumbprintRequest",
"module_id": "CertificateManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"oidc_uri": {
"description": "URI where to download the meta-data of the OIDC end-point.",
"maxLength": 255,
"readonly": false,
"required": true,
"title": "OpenID Connect end-point URI",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"thumbprint": {
"description": "Thumbprint of the OIDC URI to make an SSL connection.",
"readonly": false,
"required": true,
"title": "Thumbprint",
"type": "string"
}
},
"title": "Request to update the thumbprint of an OpenId Connect end-point",
"type": "object"
}
UpdatePrincipalIdentityCertificateRequest (type)
{
"additionalProperties": false,
"description": "Request to update the certificate of a principal identity with a new certificate.",
"extends": {
"$ref": "ManagedResource
},
"id": "UpdatePrincipalIdentityCertificateRequest",
"module_id": "CertificateManager",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"certificate_id": {
"description": "Id of the stored certificate.",
"pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$",
"readonly": false,
"required": true,
"title": "Id of the stored certificate",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"principal_identity_id": {
"description": "Unique ID of the principal.",
"maxLength": 255,
"pattern": "^[a-zA-Z0-9]+([-._]?[a-zA-Z0-9]+)*$",
"readonly": false,
"required": true,
"title": "Principal Identity ID",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Request to update the certificate of a principal identity",
"type": "object"
}
UpgradeBundle (type)
{
"additionalProperties": false,
"id": "UpgradeBundle",
"module_id": "Upgrade",
"properties": {
"file": {
"readonly": false,
"required": true,
"title": "Upgrade bundle file",
"type": "multipart_file"
}
},
"type": "object"
}
UpgradeBundleFetchRequest (type)
{
"additionalProperties": false,
"description": "URL and other fetch requests of upgrade bundle",
"id": "UpgradeBundleFetchRequest",
"module_id": "Upgrade",
"properties": {
"url": {
"description": "URL for uploading upgrade bundle",
"readonly": false,
"required": true,
"title": "URL of upgrade bundle",
"type": "string"
}
},
"title": "Fetch request for fetching upgrade bundle",
"type": "object"
}
UpgradeBundleId (type)
{
"additionalProperties": false,
"description": "Identifier of the upgrade bundle",
"id": "UpgradeBundleId",
"module_id": "Upgrade",
"properties": {
"bundle_id": {
"description": "Identifier of bundle upload",
"readonly": true,
"required": false,
"title": "Bundle Id of upgrade bundle uploaded",
"type": "string"
}
},
"title": "Bundle id of upgrade bundle",
"type": "object"
}
UpgradeBundleInfo (type)
{
"additionalProperties": false,
"description": "Information about the upgrade bundle",
"id": "UpgradeBundleInfo",
"module_id": "Upgrade",
"properties": {
"bundle_size": {
"readonly": true,
"required": false,
"title": "size of upgrade bundle",
"type": "string"
},
"url": {
"description": "URL for uploading upgrade bundle",
"readonly": true,
"required": false,
"title": "URL of the upgrade bundle",
"type": "string"
}
},
"title": "Information about upgrade bundle",
"type": "object"
}
UpgradeBundleUploadStatus (type)
{
"additionalProperties": false,
"description": "Upload status of upgrade bundle uploaded from url",
"id": "UpgradeBundleUploadStatus",
"module_id": "Upgrade",
"properties": {
"detailed_status": {
"description": "Detailed status of upgrade bundle upload",
"readonly": true,
"required": false,
"title": "Detailed status of bundle upload",
"type": "string"
},
"percent": {
"description": "Percent of bundle uploaded from URL",
"readonly": true,
"required": false,
"title": "Percent of upload completed",
"type": "number"
},
"status": {
"description": "Current status of upgrade bundle upload",
"enum": [
"UPLOADING",
"VERIFYING",
"SUCCESS",
"FAILED"
],
"readonly": true,
"required": false,
"title": "Status of upgrade bundle upload",
"type": "string"
},
"url": {
"description": "URL for uploading upgrade bundle",
"readonly": true,
"required": false,
"title": "URL from which the bundle was uploaded",
"type": "string"
}
},
"title": "Upload status of upgrade bundle",
"type": "object"
}
UpgradeCheck (type)
{
"additionalProperties": false,
"description": "Check to identify potential pre/post-upgrade issues",
"id": "UpgradeCheck",
"module_id": "Upgrade",
"properties": {
"component_type": {
"readonly": false,
"required": true,
"title": "Component type",
"type": "string"
},
"display_name": {
"readonly": false,
"required": false,
"title": "Name of the pre/post-upgrade check",
"type": "string"
},
"failure_messages": {
"deprecated": true,
"description": "List of failure messages. This field is deprecated now. Please use failures instead.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of failure messages",
"type": "array"
},
"failures": {
"items": {
"$ref": "UpgradeCheckFailureMessage
},
"readonly": true,
"required": false,
"title": "List of failures",
"type": "array"
},
"status": {
"enum": [
"SUCCESS",
"FAILURE",
"WARNING"
],
"readonly": true,
"required": true,
"title": "Status of pre/post-upgrade check",
"type": "string"
}
},
"title": "Pre/post-upgrade check",
"type": "object"
}
UpgradeCheckCsvListResult (type)
{
"extends": {
"$ref": "CsvListResult
},
"id": "UpgradeCheckCsvListResult",
"module_id": "Upgrade",
"properties": {
"file_name": {
"description": "File name set by HTTP server if API returns CSV result as a file.",
"required": false,
"title": "File name",
"type": "string"
},
"results": {
"items": {
"$ref": "UpgradeCheckCsvRecord
},
"required": false,
"type": "array"
}
},
"type": "object"
}
UpgradeCheckCsvRecord (type)
{
"additionalProperties": false,
"description": "CSV record for a pre/post-upgrade check",
"extends": {
"$ref": "CsvRecord
},
"id": "UpgradeCheckCsvRecord",
"module_id": "Upgrade",
"properties": {
"check_description": {
"description": "Description of the pre/post-upgrade check",
"readonly": false,
"required": false,
"title": "Description of the upgrade check",
"type": "string"
},
"check_name": {
"description": "Display name of the pre/post-upgrade check",
"readonly": false,
"required": true,
"title": "Name of the upgrade check",
"type": "string"
},
"failure_messages": {
"description": "Space-separated list of failure messages",
"readonly": true,
"required": false,
"title": "Failure messages",
"type": "string"
},
"status": {
"description": "Status of the pre/post-upgrade check",
"enum": [
"SUCCESS",
"FAILURE",
"WARNING"
],
"readonly": true,
"required": true,
"title": "Status of the upgrade check",
"type": "string"
},
"upgrade_unit_id": {
"description": "Identifier of the upgrade unit",
"readonly": true,
"required": true,
"title": "UUID of the upgrade unit",
"type": "string"
},
"upgrade_unit_metadata": {
"description": "Meta-data of the upgrade-unit",
"readonly": true,
"required": false,
"title": "Meta-data of the upgrade-unit",
"type": "string"
},
"upgrade_unit_type": {
"description": "Component type of the upgrade unit",
"readonly": false,
"required": true,
"title": "Component type",
"type": "string"
}
},
"title": "CSV record for an upgrade-check",
"type": "object"
}
UpgradeCheckFailure (type)
{
"additionalProperties": false,
"description": "Pre/post-upgrade check failure",
"id": "UpgradeCheckFailure",
"module_id": "Upgrade",
"properties": {
"component_type": {
"description": "Component type of the origin of failure",
"readonly": true,
"required": true,
"title": "Component type",
"type": "string"
},
"group_name": {
"description": "Name of the upgrade group of the origin of failure. Only applicable when origin_type is UPGRADE_UNIT.",
"readonly": false,
"required": false,
"title": "Name of upgrade group",
"type": "string"
},
"message": {
"$ref": "UpgradeCheckFailureMessage,
"description": "Pre/post-upgrade check failure message",
"readonly": true,
"required": true,
"title": "Upgrade check failure message"
},
"origin_id": {
"description": "Unique id of origin of pre/post-upgrade check failure",
"readonly": true,
"required": true,
"title": "Unique id of origin of failure",
"type": "string"
},
"origin_name": {
"description": "Name of origin of pre/post-upgrade check failure",
"readonly": true,
"required": true,
"title": "Name of origin of failure",
"type": "string"
},
"origin_type": {
"description": "Type of origin of pre/post-upgrade check failure",
"enum": [
"COMPONENT",
"UPGRADE_UNIT"
],
"readonly": true,
"required": true,
"title": "Type of origin of failure",
"type": "string"
},
"type": {
"description": "Type of the pre/post-upgrade check failure",
"enum": [
"FAILURE",
"WARNING"
],
"readonly": true,
"required": true,
"title": "Type of failure",
"type": "string"
}
},
"title": "Upgrade check failure",
"type": "object"
}
UpgradeCheckFailureListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "UpgradeCheckFailureListRequestParameters",
"module_id": "Upgrade",
"properties": {
"component_type": {
"description": "Component type on which upgrade check failures are to be filtered",
"readonly": false,
"required": false,
"title": "Component type",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"filter_text": {
"description": "Text to filter the results on. The filter text is matched with origin name and failure message. String matching for the filter is case-insensitive.",
"readonly": false,
"required": false,
"title": "Filter text",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"origin_type": {
"description": "Type of origin of pre/post-upgrade check failure",
"enum": [
"COMPONENT",
"UPGRADE_UNIT"
],
"readonly": false,
"required": false,
"title": "Type of origin of failure",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"type": {
"description": "Status of the pre/post-upgrade check to filter the results on",
"enum": [
"FAILURE",
"WARNING"
],
"readonly": false,
"required": false,
"title": "Status of the upgrade check",
"type": "string"
}
},
"type": "object"
}
UpgradeCheckFailureListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "UpgradeCheckFailureListResult",
"module_id": "Upgrade",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "UpgradeCheckFailure
},
"required": true,
"title": "Collection of pre/post-upgrade check failures",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
UpgradeCheckFailureMessage (type)
{
"description": "Pre/post-upgrade check failure message",
"id": "UpgradeCheckFailureMessage",
"module_id": "Upgrade",
"properties": {
"error_code": {
"description": "Error code for the error/warning",
"readonly": true,
"required": true,
"title": "Error code",
"type": "integer"
},
"message": {
"description": "Error/warning message",
"readonly": true,
"required": true,
"title": "Error/warning message",
"type": "string"
}
},
"title": "Upgrade check failure message",
"type": "object"
}
UpgradeCheckInfo (type)
{
"additionalProperties": false,
"description": "Meta-data of a pre/post-upgrade check",
"id": "UpgradeCheckInfo",
"module_id": "Upgrade",
"properties": {
"component_type": {
"description": "Component type of the pre/post-upgrade check",
"readonly": false,
"required": true,
"title": "Component type",
"type": "string"
},
"description": {
"description": "Description of the pre/post-upgrade check",
"readonly": true,
"required": false,
"title": "Description",
"type": "string"
},
"name": {
"description": "Display name of the pre/post-upgrade check",
"readonly": true,
"required": true,
"title": "Name of the upgrade check",
"type": "string"
}
},
"title": "Meta-data of a pre/post-upgrade check",
"type": "object"
}
UpgradeCheckInfoListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "UpgradeCheckInfoListRequestParameters",
"module_id": "Upgrade",
"properties": {
"component_type": {
"readonly": false,
"required": false,
"title": "Component type based on which upgrade checks are to be filtered",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
UpgradeCheckListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "UpgradeCheckListResult",
"module_id": "Upgrade",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"checks": {
"items": {
"$ref": "UpgradeCheck
},
"required": true,
"title": "Paged Collection of pre/post-upgrade checks",
"type": "array"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
UpgradeCheckListResults (type)
{
"additionalProperties": false,
"id": "UpgradeCheckListResults",
"module_id": "Upgrade",
"properties": {
"checks_with_warnings": {
"$ref": "UpgradeCheckListResult,
"readonly": true,
"required": false
},
"failed_checks": {
"$ref": "UpgradeCheckListResult,
"readonly": true,
"required": false
},
"successful_checks": {
"$ref": "UpgradeCheckListResult,
"readonly": true,
"required": false
}
},
"type": "object"
}
UpgradeChecksExecutionStatus (type)
{
"additionalProperties": false,
"description": "Execution status of pre/post-upgrade checks",
"id": "UpgradeChecksExecutionStatus",
"module_id": "Upgrade",
"properties": {
"details": {
"readonly": true,
"required": false,
"title": "Details about current execution of pre/post-upgrade checks",
"type": "string"
},
"end_time": {
"$ref": "EpochMsTimestamp,
"required": false,
"title": "Time (in milliseconds since epoch) when the execution of\npre/post-upgrade checks completed\n"
},
"failure_count": {
"description": "Total count of generated failures or warnings in last execution of pre/post-upgrade checks",
"readonly": true,
"required": false,
"title": "Failure count",
"type": "int"
},
"node_with_issues_count": {
"deprecated": true,
"description": "Number of nodes which generated failures or warnings in last execution of pre/post-upgrade checks. This field has been deprecated. Please use failure_count instead.",
"readonly": true,
"required": false,
"title": "Number of nodes with failures/warnings",
"type": "int"
},
"start_time": {
"$ref": "EpochMsTimestamp,
"required": false,
"title": "Time (in milliseconds since epoch) when the execution of\npre/post-upgrade checks started\n"
},
"status": {
"enum": [
"NOT_STARTED",
"IN_PROGRESS",
"ABORTING",
"ABORTED",
"COMPLETED"
],
"readonly": true,
"required": true,
"title": "Status of execution of pre/post-upgrade checks",
"type": "string"
}
},
"title": "Execution status of pre/post-upgrade checks",
"type": "object"
}
UpgradeHistory (type)
{
"additionalProperties": false,
"id": "UpgradeHistory",
"module_id": "UpgradeTypes",
"properties": {
"initial_version": {
"description": "Version before the upgrade started",
"required": true,
"title": "Initial Version",
"type": "string"
},
"target_version": {
"description": "Version being upgraded to",
"required": true,
"title": "Target Version",
"type": "string"
},
"timestamp": {
"$ref": "EpochMsTimestamp,
"required": true,
"title": "Timestamp (in milliseconds since epoch) when the upgrade was performed"
},
"upgrade_status": {
"enum": [
"STARTED",
"SUCCESS",
"FAILED"
],
"required": true,
"title": "Status of the upgrade",
"type": "string"
}
},
"type": "object"
}
UpgradeHistoryList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "UpgradeHistoryList",
"module_id": "UpgradeTypes",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "UpgradeHistory
},
"readonly": true,
"required": false,
"title": "Upgrade history list",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
UpgradePlanResetRequest (type)
{
"additionalProperties": false,
"id": "UpgradePlanResetRequest",
"module_id": "Upgrade",
"properties": {
"component_type": {
"readonly": false,
"required": true,
"title": "Component type",
"type": "string"
}
},
"type": "object"
}
UpgradePlanSettings (type)
{
"additionalProperties": false,
"id": "UpgradePlanSettings",
"module_id": "Upgrade",
"properties": {
"parallel": {
"default": true,
"readonly": false,
"required": false,
"title": "Upgrade Method to specify whether the upgrade is to be performed serially or in parallel",
"type": "boolean"
},
"pause_after_each_group": {
"default": false,
"readonly": false,
"required": false,
"title": "Flag to indicate whether to pause the upgrade after upgrade of each group is completed",
"type": "boolean"
},
"pause_on_error": {
"default": false,
"readonly": false,
"required": false,
"title": "Flag to indicate whether to pause the upgrade plan execution when an error occurs",
"type": "boolean"
}
},
"type": "object"
}
UpgradeProgressStatus (type)
{
"id": "UpgradeProgressStatus",
"properties": {
"last_upgrade_step_status": {
"title": "Status of last upgrade step",
"type": "object"
},
"upgrade_bundle_present": {
"title": "True if upgrade bundle is present",
"type": "boolean"
},
"upgrade_metadata": {
"title": "Meta info of upgrade",
"type": "object"
}
},
"title": "Upgrade progress status",
"type": "object"
}
UpgradeStatus (type)
{
"additionalProperties": false,
"id": "UpgradeStatus",
"module_id": "Upgrade",
"properties": {
"ccp_status": {
"$ref": "CCPUpgradeStatus,
"readonly": true,
"required": false,
"title": "CCP upgrade status"
},
"component_status": {
"items": {
"$ref": "ComponentUpgradeStatus
},
"readonly": true,
"required": true,
"title": "List of component statuses",
"type": "array"
},
"edge_status": {
"$ref": "EdgeUpgradeStatus,
"readonly": true,
"required": false,
"title": "Edge upgrade status"
},
"host_status": {
"$ref": "HostUpgradeStatus,
"readonly": true,
"required": false,
"title": "Host upgrade status"
},
"overall_upgrade_status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSING",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Status of upgrade",
"type": "string"
}
},
"type": "object"
}
UpgradeStatusSummary (type)
{
"id": "UpgradeStatusSummary",
"properties": {
"upgrade_bundle_present": {
"title": "True if upgrade bundle is present",
"type": "boolean"
},
"upgrade_metadata": {
"title": "Meta info of upgrade",
"type": "object"
},
"upgrade_steps": {
"items": {
"type": "object"
},
"title": "List of all upgrade steps performed",
"type": "array"
}
},
"title": "Upgrade status summry",
"type": "object"
}
UpgradeSummary (type)
{
"additionalProperties": false,
"id": "UpgradeSummary",
"module_id": "Upgrade",
"properties": {
"component_target_versions": {
"items": {
"$ref": "ComponentTargetVersion
},
"readonly": true,
"required": false,
"type": "array"
},
"system_version": {
"readonly": true,
"required": true,
"title": "Current system version",
"type": "string"
},
"target_version": {
"readonly": true,
"required": true,
"title": "Target system version",
"type": "string"
},
"upgrade_bundle_file_name": {
"readonly": true,
"required": false,
"title": "Name of the last successfully uploaded upgrade bundle file",
"type": "string"
},
"upgrade_coordinator_updated": {
"readonly": true,
"required": false,
"title": "Has upgrade coordinator been updated after upload of upgrade bundle file",
"type": "boolean"
},
"upgrade_coordinator_version": {
"readonly": true,
"required": true,
"title": "Current version of upgrade coordinator",
"type": "string"
},
"upgrade_status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSING",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Status of upgrade",
"type": "string"
}
},
"type": "object"
}
UpgradeTaskActionParameters (type)
{
"id": "UpgradeTaskActionParameters",
"properties": {
"action": {
"description": "The upgrade task to perform.",
"pattern": "^[^/]+$",
"title": "Upgrade task",
"type": "string"
}
},
"type": "object"
}
UpgradeTaskProperties (type)
{
"additionalProperties": false,
"id": "UpgradeTaskProperties",
"properties": {
"bundle_name": {
"required": true,
"title": "Name of Bundle",
"type": "string"
},
"parameters": {
"readonly": true,
"required": false,
"title": "Bundle arguments",
"type": "object"
},
"step": {
"required": false,
"title": "Step name",
"type": "string"
}
},
"title": "Task properties",
"type": "object"
}
UpgradeTaskStatusQueryParameters (type)
{
"id": "UpgradeTaskStatusQueryParameters",
"properties": {
"bundle_name": {
"description": "Provide a bundle name",
"pattern": "^[a-zA-Z0-9-.]+$",
"title": "Bundle Name",
"type": "string"
},
"upgrade_task_id": {
"description": "Provide a task id",
"pattern": "^[a-z0-9-]+$",
"title": "Upgrade Task ID",
"type": "string"
}
},
"type": "object"
}
UpgradeUnit (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "UpgradeUnit",
"module_id": "Upgrade",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"current_version": {
"description": "This is component version e.g. if upgrade unit is of type edge, then this is edge version.",
"readonly": true,
"required": false,
"title": "Current version of upgrade unit",
"type": "string"
},
"display_name": {
"readonly": false,
"required": false,
"title": "Name of the upgrade unit",
"type": "string"
},
"group": {
"$ref": "UpgradeUnitGroupInfo,
"readonly": true,
"required": false,
"title": "Info of the group to which this upgrade unit belongs"
},
"id": {
"description": "Identifier of the upgrade unit",
"readonly": true,
"required": true,
"title": "UUID of the upgrade unit",
"type": "string"
},
"metadata": {
"items": {
"$ref": "KeyValuePair
},
"readonly": true,
"required": false,
"title": "Metadata about upgrade unit",
"type": "array"
},
"type": {
"readonly": false,
"required": false,
"title": "Upgrade unit type",
"type": "string"
},
"warnings": {
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of warnings indicating issues with the upgrade unit that may result in upgrade failure",
"type": "array"
}
},
"type": "object"
}
UpgradeUnitAggregateInfo (type)
{
"additionalProperties": false,
"extends": {
"$ref": "Resource
},
"id": "UpgradeUnitAggregateInfo",
"module_id": "Upgrade",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"current_version": {
"description": "This is component version e.g. if upgrade unit is of type edge, then this is edge version.",
"readonly": true,
"required": false,
"title": "Current version of upgrade unit",
"type": "string"
},
"display_name": {
"readonly": false,
"required": false,
"title": "Name of the upgrade unit",
"type": "string"
},
"errors": {
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of errors occurred during upgrade of this upgrade unit",
"type": "array"
},
"group": {
"$ref": "UpgradeUnitGroupInfo,
"readonly": true,
"required": false,
"title": "Info of the group to which this upgrade unit belongs"
},
"id": {
"description": "Identifier of the upgrade unit",
"readonly": true,
"required": true,
"title": "Identifier of the upgrade unit",
"type": "string"
},
"metadata": {
"items": {
"$ref": "KeyValuePair
},
"readonly": true,
"required": false,
"title": "Metadata about upgrade unit",
"type": "array"
},
"percent_complete": {
"readonly": true,
"required": true,
"title": "Indicator of upgrade progress in percentage",
"type": "number"
},
"post_upgrade_checks": {
"$ref": "UpgradeCheckListResults,
"readonly": true,
"required": false
},
"pre_upgrade_checks": {
"$ref": "UpgradeCheckListResults,
"readonly": true,
"required": false
},
"status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSING",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Status of upgrade unit",
"type": "string"
},
"type": {
"readonly": false,
"required": false,
"title": "Upgrade unit type",
"type": "string"
},
"warnings": {
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of warnings indicating issues with the upgrade unit that may result in upgrade failure",
"type": "array"
}
},
"type": "object"
}
UpgradeUnitAggregateInfoListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "UpgradeUnitAggregateInfoListRequestParameters",
"module_id": "Upgrade",
"properties": {
"component_type": {
"readonly": false,
"required": false,
"title": "Component type based on which upgrade units to be filtered",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"group_id": {
"readonly": false,
"required": false,
"title": "Identifier of group based on which upgrade units to be filtered",
"type": "string"
},
"has_errors": {
"default": false,
"readonly": false,
"required": false,
"title": "Flag to indicate whether to return only upgrade units with errors",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"metadata": {
"readonly": false,
"required": false,
"title": "Metadata about upgrade unit to filter on",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"selection_status": {
"default": "ALL",
"enum": [
"SELECTED",
"DESELECTED",
"ALL"
],
"required": false,
"title": "Flag to indicate whether to return only selected, only deselected or both type of upgrade units",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"upgrade_unit_display_name": {
"description": "Display name of upgrade unit to filter the results on. String matching for the filter is case-insensitive.",
"readonly": false,
"required": false,
"title": "Display name of upgrade unit",
"type": "string"
}
},
"type": "object"
}
UpgradeUnitAggregateInfoListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "UpgradeUnitAggregateInfoListResult",
"module_id": "Upgrade",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "UpgradeUnitAggregateInfo
},
"readonly": true,
"required": true,
"title": "Paged collection of UpgradeUnit AggregateInfo",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
UpgradeUnitGroup (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "UpgradeUnitGroup",
"module_id": "Upgrade",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"readonly": false,
"required": false,
"title": "Flag to indicate whether upgrade of this group is enabled or not",
"type": "boolean"
},
"extended_configuration": {
"description": "Extended configuration for the group. Following extended_configuration is supported: Key: upgrade_mode Supported values: maintenance_mode, in_place, stage_in_vlcm Key: maintenance_mode_config_vsan_mode Supported values: evacuate_all_data, ensure_object_accessibility, no_action Key: maintenance_mode_config_evacuate_powered_off_vms Supported values: true, false Key: rebootless_upgrade Supported values: true, false",
"items": {
"$ref": "KeyValuePair
},
"maxItems": 100,
"readonly": false,
"required": false,
"title": "Extended configuration for the group",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"parallel": {
"default": true,
"readonly": false,
"required": false,
"title": "Upgrade method to specify whether the upgrade is to be performed in parallel or serially",
"type": "boolean"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"type": {
"readonly": false,
"required": true,
"title": "Component type",
"type": "string"
},
"upgrade_unit_count": {
"description": "Number of upgrade units in the group",
"readonly": true,
"required": false,
"title": "Count of upgrade units in the group",
"type": "int"
},
"upgrade_units": {
"items": {
"$ref": "UpgradeUnit
},
"maxItems": 100,
"readonly": false,
"required": false,
"title": "List of upgrade units in the group",
"type": "array"
}
},
"type": "object"
}
UpgradeUnitGroupAggregateInfo (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "UpgradeUnitGroupAggregateInfo",
"module_id": "Upgrade",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"enabled": {
"default": true,
"readonly": false,
"required": false,
"title": "Flag to indicate whether upgrade of this group is enabled or not",
"type": "boolean"
},
"extended_configuration": {
"items": {
"$ref": "KeyValuePair
},
"maxItems": 100,
"readonly": false,
"required": false,
"title": "Extended configuration for the group",
"type": "array"
},
"failed_count": {
"readonly": true,
"required": false,
"title": "Number of nodes in the upgrade unit group that failed upgrade",
"type": "int"
},
"group_level_failure": {
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "Reports failures that occured at the group or cluster level.",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"parallel": {
"default": true,
"readonly": false,
"required": false,
"title": "Upgrade method to specify whether the upgrade is to be performed in parallel or serially",
"type": "boolean"
},
"percent_complete": {
"readonly": true,
"required": true,
"title": "Indicator of upgrade progress in percentage",
"type": "number"
},
"post_upgrade_status": {
"$ref": "UpgradeChecksExecutionStatus,
"readonly": true,
"required": false,
"title": "Post-upgrade status of group"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSING",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Upgrade status of upgrade unit group",
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"type": {
"readonly": false,
"required": true,
"title": "Component type",
"type": "string"
},
"upgrade_unit_count": {
"description": "Number of upgrade units in the group",
"readonly": true,
"required": false,
"title": "Count of upgrade units in the group",
"type": "int"
},
"upgrade_units": {
"items": {
"$ref": "UpgradeUnit
},
"maxItems": 100,
"readonly": false,
"required": false,
"title": "List of upgrade units in the group",
"type": "array"
}
},
"type": "object"
}
UpgradeUnitGroupAggregateInfoListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "UpgradeUnitGroupAggregateInfoListResult",
"module_id": "Upgrade",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "UpgradeUnitGroupAggregateInfo
},
"readonly": true,
"required": true,
"title": "Paged collection of upgrade status for upgrade unit groups",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
UpgradeUnitGroupInfo (type)
{
"additionalProperties": false,
"id": "UpgradeUnitGroupInfo",
"module_id": "Upgrade",
"properties": {
"display_name": {
"readonly": true,
"required": true,
"title": "Name of the group",
"type": "string"
},
"id": {
"description": "Identifier of group",
"readonly": true,
"required": true,
"title": "UUID of group",
"type": "string"
}
},
"type": "object"
}
UpgradeUnitGroupListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "UpgradeUnitGroupListRequestParameters",
"module_id": "Upgrade",
"properties": {
"component_type": {
"readonly": false,
"required": false,
"title": "Component type based on which upgrade unit groups to be filtered",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"summary": {
"default": false,
"readonly": false,
"required": false,
"title": "Flag indicating whether to return summary",
"type": "boolean"
},
"sync": {
"default": false,
"description": "If true, synchronize with the management plane before returning upgrade unit groups",
"required": false,
"title": "Synchronize before returning upgrade unit groups",
"type": "boolean"
}
},
"type": "object"
}
UpgradeUnitGroupListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "UpgradeUnitGroupListResult",
"module_id": "Upgrade",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "UpgradeUnitGroup
},
"required": true,
"title": "Paged Collection of Upgrade unit groups",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
UpgradeUnitGroupStatus (type)
{
"additionalProperties": false,
"id": "UpgradeUnitGroupStatus",
"module_id": "Upgrade",
"properties": {
"failed_count": {
"readonly": true,
"required": false,
"title": "Number of nodes in the upgrade unit group that failed upgrade",
"type": "int"
},
"group_id": {
"description": "Identifier for upgrade unit group",
"readonly": true,
"required": true,
"title": "UUID of upgrade unit group",
"type": "string"
},
"group_name": {
"description": "Name of the upgrade unit group",
"readonly": true,
"required": true,
"title": "Upgrade unit group Name",
"type": "string"
},
"percent_complete": {
"readonly": true,
"required": true,
"title": "Indicator of upgrade progress in percentage",
"type": "number"
},
"status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSING",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Upgrade status of upgrade unit group",
"type": "string"
},
"upgrade_unit_count": {
"readonly": true,
"required": true,
"title": "Number of upgrade units in the group",
"type": "int"
}
},
"type": "object"
}
UpgradeUnitGroupStatusListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "UpgradeUnitGroupStatusListResult",
"module_id": "Upgrade",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "UpgradeUnitGroupStatus
},
"readonly": true,
"required": true,
"title": "Paged collection of upgrade status for upgrade unit groups",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
UpgradeUnitList (type)
{
"additionalProperties": false,
"id": "UpgradeUnitList",
"module_id": "Upgrade",
"properties": {
"list": {
"items": {
"$ref": "UpgradeUnit
},
"required": true,
"title": "Collection of Upgrade units",
"type": "array"
}
},
"type": "object"
}
UpgradeUnitListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "UpgradeUnitListRequestParameters",
"module_id": "Upgrade",
"properties": {
"component_type": {
"readonly": false,
"required": false,
"title": "Component type based on which upgrade units to be filtered",
"type": "string"
},
"current_version": {
"readonly": false,
"required": false,
"title": "Current version of upgrade unit based on which upgrade units to be filtered",
"type": "string"
},
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"group_id": {
"readonly": false,
"required": false,
"title": "UUID of group based on which upgrade units to be filtered",
"type": "string"
},
"has_warnings": {
"default": false,
"readonly": false,
"required": false,
"title": "Flag to indicate whether to return only upgrade units with warnings",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"metadata": {
"readonly": false,
"required": false,
"title": "Metadata about upgrade unit to filter on",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"upgrade_unit_type": {
"readonly": false,
"required": false,
"title": "Upgrade unit type based on which upgrade units to be filtered",
"type": "string"
}
},
"type": "object"
}
UpgradeUnitListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "UpgradeUnitListResult",
"module_id": "Upgrade",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "UpgradeUnit
},
"required": true,
"title": "Paged Collection of Upgrade units",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
UpgradeUnitStatus (type)
{
"additionalProperties": false,
"id": "UpgradeUnitStatus",
"module_id": "Upgrade",
"properties": {
"display_name": {
"readonly": true,
"required": true,
"title": "Name of upgrade unit",
"type": "string"
},
"errors": {
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "List of errors occurred during upgrade of this upgrade unit",
"type": "array"
},
"id": {
"description": "Identifier of upgrade unit",
"readonly": true,
"required": true,
"title": "UUID of upgrade unit",
"type": "string"
},
"metadata": {
"items": {
"$ref": "KeyValuePair
},
"readonly": true,
"required": false,
"title": "Metadata about upgrade unit",
"type": "array"
},
"percent_complete": {
"readonly": true,
"required": true,
"title": "Indicator of upgrade progress in percentage",
"type": "number"
},
"status": {
"enum": [
"SUCCESS",
"FAILED",
"IN_PROGRESS",
"NOT_STARTED",
"PAUSING",
"PAUSED"
],
"readonly": true,
"required": true,
"title": "Status of upgrade unit",
"type": "string"
}
},
"type": "object"
}
UpgradeUnitStatusListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "UpgradeUnitStatusListResult",
"module_id": "Upgrade",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "UpgradeUnitStatus
},
"required": true,
"title": "Paged Collection of upgrade units status",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
UpgradeUnitTypeStats (type)
{
"additionalProperties": false,
"id": "UpgradeUnitTypeStats",
"module_id": "Upgrade",
"properties": {
"node_count": {
"readonly": true,
"required": true,
"title": "Number of nodes",
"type": "int"
},
"node_with_issues_count": {
"readonly": true,
"required": false,
"title": "Number of nodes with issues that may cause upgrade failure",
"type": "int"
},
"type": {
"readonly": true,
"required": true,
"title": "Type of upgrade unit",
"type": "string"
},
"upgrade_unit_subtype": {
"enum": [
"RESOURCE",
"ACTION"
],
"readonly": true,
"required": false,
"title": "UpgradeUnit sub type",
"type": "string"
},
"version": {
"readonly": true,
"required": true,
"title": "Version of the upgrade unit",
"type": "string"
}
},
"type": "object"
}
UpgradeUnitTypeStatsList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "UpgradeUnitTypeStatsList",
"module_id": "Upgrade",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "UpgradeUnitTypeStats
},
"readonly": true,
"required": false,
"title": "List of upgrade unit type stats",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
UpgradeUnitsStatsRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "UpgradeUnitsStatsRequestParameters",
"module_id": "Upgrade",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"sync": {
"default": false,
"description": "If true, synchronize with the management plane before returning upgrade unit stats",
"required": false,
"title": "Synchronize before returning upgrade unit stats",
"type": "boolean"
}
},
"type": "object"
}
UploadFileRequestParameters (type)
{
"additionalProperties": false,
"description": "This holds the requests parameters required to multipart-upload a file.",
"extends": {
"$ref": "NoRestRequestParameters
},
"id": "UploadFileRequestParameters",
"module_id": "PolicyCertificate",
"properties": {
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"file": {
"required": true,
"title": "File to be uploaded",
"type": "multipart_file"
}
},
"title": "Import file request parameters",
"type": "object"
}
UploadTlsCrlRequestParameters (type)
{
"additionalProperties": false,
"description": "Holds the requests parameters required to multipart-upload a TlsCrl objecta",
"extends": {
"$ref": "UploadFileRequestParameters
},
"id": "UploadTlsCrlRequestParameters",
"module_id": "PolicyCertificate",
"properties": {
"crl_type": {
"default": "X509",
"description": "The type of the CRL. It can be \"OneCRL\" or \"X509\" (default).",
"enum": [
"OneCRL",
"X509"
],
"required": false,
"title": "Type of CRL",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"file": {
"required": true,
"title": "File to be uploaded",
"type": "multipart_file"
}
},
"title": "Upload TlsCrl request parameters",
"type": "object"
}
UrlAlias (type)
{
"additionalProperties": false,
"description": "Short name or alias of a url. It is used to represent the url.",
"id": "UrlAlias",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"alias": {
"description": "Short name or alias of url, if any. If not specified, the url can be referenced by its index in the array of urls of the datasource instance as $<index> (for example, $0).",
"maxLength": 255,
"title": "Url Alias Name",
"type": "string"
},
"keystore_info": {
"$ref": "KeyStoreInfo,
"description": "Key Store information for the URLAlias.Use this property if key store information is different for each url alias.",
"title": "Key Store Info for the URLAlias"
},
"query": {
"description": "Search query to be applied, if any. If query string is not provided, it will be ignored.",
"maxLength": 1024,
"title": "Search query of the search api, if any",
"type": "string"
},
"request_body": {
"description": "A raw request body in the form json format for a given url. This request body will be submitted along with request while giving a post api call.",
"titile": "A request body object for the given url",
"type": "object"
},
"request_headers": {
"description": "A raw request header in the form json format for a given url. This request header will be submitted along with request while giving a api call.",
"titile": "A request header object for the given url",
"type": "object"
},
"request_method": {
"default": "Get",
"description": "Type of the http method (Get, Post) to be used while invoking the given url through dashboard datasource framework.",
"enum": [
"Get",
"Post"
],
"title": "Type of http method",
"type": "string"
},
"url": {
"description": "Url to fetch data from.",
"maxLength": 1024,
"required": true,
"title": "Url",
"type": "string"
}
},
"title": "Url Alias",
"type": "object"
}
UserInfo (type)
{
"id": "UserInfo",
"module_id": "AAA",
"properties": {
"roles": {
"items": {
"$ref": "NsxRole
},
"readonly": true,
"required": true,
"title": "Permissions",
"type": "array"
},
"user_name": {
"readonly": true,
"required": true,
"title": "User Name",
"type": "string"
}
},
"title": "Authenticated User Info",
"type": "object"
}
UserRequestParameters (type)
{
"description": "Request parameters for user APIs like the /aaa/user-info/* APIs",
"id": "UserRequestParameters",
"module_id": "AAA",
"properties": {
"root_path": {
"required": false,
"title": "Prefix path of the context",
"type": "string"
}
},
"title": "Request parameters for user APIs.",
"type": "object"
}
VIFGroupAssociationRequestParams (type)
{
"additionalProperties": false,
"description": "List request parameters containing virtual network interface external ID and enforcement point path",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "VIFGroupAssociationRequestParams",
"module_id": "PolicyGroupRealization",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point from which the list of groups needs to be fetched. Forward slashes must be escaped using %2F. If no enforcement point path is specified, the default enforcement point is considered",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"vif_external_id": {
"required": true,
"title": "Virtual network interface external ID",
"type": "string"
}
},
"title": "List request parameters containing virtual network interface external ID and enforcement point path",
"type": "object"
}
VMDeploymentProgressState (type)
{
"description": "Deployment progress state of node VM. This Object contains name of current deployment step and overall progress percentage.",
"id": "VMDeploymentProgressState",
"module_id": "HostPrepServiceFabric",
"properties": {
"current_step_title": {
"description": "Name of the current running step of deployment",
"readonly": true,
"required": false,
"title": "Name of the current step",
"type": "string"
},
"progress": {
"description": "Overall progress percentage of deployment completed",
"readonly": true,
"required": false,
"title": "Progress percentage",
"type": "integer"
}
},
"title": "Deployment progress of node VM",
"type": "object"
}
VMGroupAssociationRequestParams (type)
{
"additionalProperties": false,
"description": "List request parameters containing virtual machine external ID and enforcement point path",
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "VMGroupAssociationRequestParams",
"module_id": "PolicyGroupRealization",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"enforcement_point_path": {
"description": "The path of the enforcement point from which the list of groups needs to be fetched. Forward slashes must be escaped using %2F. If no enforcement point path is specified, the default enforcement point is considered",
"required": false,
"title": "String Path of the enforcement point",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
},
"vm_external_id": {
"required": true,
"title": "Virtual machine external ID",
"type": "string"
}
},
"title": "List request parameters containing virtual machine external ID and enforcement point path",
"type": "object"
}
VMTagReplicationPolicy (type)
{
"additionalProperties": false,
"description": "A policy to replicate tags from once site to other sites.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "VMTagReplicationPolicy",
"module_id": "VMTagReplicationPolicy",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"groups": {
"description": "Paths of groups (VM tag-based, VM name-based, etc.) that translates into VMs to be replicated from protected site to recovery sites. If no group is specified, none of the VM tag will be replicated from protected site to recovery sites.",
"items": {
"type": "string"
},
"title": "Paths of groups",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"VMTagReplicationPolicy"
],
"relationshipType": "VM_TAG_REPLICATION_POLICY_GROUP_RELATIONSHIP",
"rightType": [
"Group"
]
}
]
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"protected_site": {
"description": "A path of protected site, from where tags of selected VMs will be replicated to recovery sites.",
"required": true,
"title": "A path of protected site",
"type": "string",
"x-vmw-cross-reference": [
{
"leftType": [
"VMTagReplicationPolicy"
],
"relationshipType": "VM_TAG_REPLICATION_POLICY_PROTECTED_SITE_RELATIONSHIP",
"rightType": [
"Site"
]
}
]
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"recovery_sites": {
"description": "Paths of recovery sites, where tags of selected VMs will be replicated to, from protected site.",
"items": {
"type": "string"
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "Paths of recovery sites",
"type": "array",
"x-vmw-cross-reference": [
{
"leftType": [
"VMTagReplicationPolicy"
],
"relationshipType": "VM_TAG_REPLICATION_POLICY_RECOVERY_SITE_RELATIONSHIP",
"rightType": [
"Site"
]
}
]
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
},
"vm_match_criteria": {
"default": "MATCH_NSX_ATTACHMENT_ID",
"description": "Matching criteria used for associating VMs from protected site to VMs on recovery sites. - MATCH_NSX_ATTACHMENT_ID : Associate VMs from the protected site and recovery sites based on NSX attachment ID. - MATCH_BIOS_UUID_NAME : Associate VMs from the protected site and recovery sites based on (VM BIOS UUID + VM Name).",
"enum": [
"MATCH_NSX_ATTACHMENT_ID",
"MATCH_BIOS_UUID_NAME"
],
"required": false,
"title": "Matching criteria used for associating VMs",
"type": "string"
}
},
"title": "A policy to replicate tags from once site to other",
"type": "object"
}
VMTagReplicationPolicyListRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "PolicyListRequestParameters
},
"id": "VMTagReplicationPolicyListRequestParameters",
"module_id": "VMTagReplicationPolicy",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"include_mark_for_delete_objects": {
"default": false,
"description": "If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.",
"required": false,
"title": "Include objects that are marked for deletion in results",
"type": "boolean"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "VM tag replication policy list request parameters",
"type": "object"
}
VMTagReplicationPolicyListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "VMTagReplicationPolicyListResult",
"module_id": "VMTagReplicationPolicy",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of the VM tag replication policies in the results array",
"type": "integer"
},
"results": {
"items": {
"$ref": "VMTagReplicationPolicy
},
"readonly": true,
"title": "Collection of VM tag replication policies",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
ValidateCertificateParameters (type)
{
"additionalProperties": false,
"id": "ValidateCertificateParameters",
"module_id": "CertificateManager",
"properties": {
"usage": {
"$ref": "CertificateUsageType,
"description": "Usage Type of the Certificate, SERVER or CLIENT. Default is SERVER",
"required": false,
"title": "Certificate Usage Type"
}
},
"type": "object"
}
ValueConstraintExpression (type)
{
"additionalProperties": false,
"description": "Represents the leaf level value constraint to constrain specified attribute value to the set of values to be allowed/not-allowed. Example - sourceGroups allowed to have only with list of groups. { \"operator\":\"INCLUDES\", \"values\":[\"/infra/services/HTTP\", \"/infra/services/HTTPS\"] }",
"extends": {
"$ref": "ConstraintExpression
},
"id": "ValueConstraintExpression",
"module_id": "PolicyConstraints",
"polymorphic-type-descriptor": {
"type-identifier": "ValueConstraintExpression"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"operator": {
"enum": [
"INCLUDES",
"EXCLUDES",
"EQUALS"
],
"required": true,
"title": "Operation to check for value list for resource attribute of constraint.",
"type": "string"
},
"resource_type": {
"enum": [
"ValueConstraintExpression",
"RelatedAttributeConditionalExpression",
"EntityInstanceCountConstraintExpression",
"FieldSanityConstraintExpression"
],
"required": true,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"values": {
"deprecated": true,
"description": "List of values.",
"items": {
"type": "string"
},
"required": false,
"title": "Array of values to perform operation.",
"type": "array"
},
"values_with_type": {
"$ref": "ConstraintValue,
"description": "List of values.",
"required": false,
"title": "Array of values to perform operation."
}
},
"title": "Represents the leaf level value constraint.",
"type": "object"
}
VersionList (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ManagedResource
},
"id": "VersionList",
"module_id": "VersionWhitelist",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"acceptable_versions": {
"items": {
"type": "string"
},
"required": true,
"title": "List of component versions",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"type": "object"
}
VidmInfo (type)
{
"id": "VidmInfo",
"module_id": "AAA",
"properties": {
"display_name": {
"readonly": true,
"required": true,
"title": "User's Full Name Or User Group's Display Name",
"type": "string"
},
"name": {
"readonly": true,
"required": true,
"title": "Username Or Groupname",
"type": "string"
},
"type": {
"enum": [
"remote_user",
"remote_group"
],
"readonly": true,
"required": true,
"title": "Type",
"type": "string"
}
},
"title": "Vidm Info",
"type": "object"
}
VidmInfoListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "VidmInfoListResult",
"module_id": "AAA",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "VidmInfo
},
"required": true,
"title": "List results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
VidmInfoSearchRequestParameters (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListRequestParameters
},
"id": "VidmInfoSearchRequestParameters",
"module_id": "AAA",
"properties": {
"cursor": {
"readonly": false,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"included_fields": {
"description": "Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.",
"title": "Comma separated list of fields that should be included in query result",
"type": "string"
},
"page_size": {
"default": 1000,
"maximum": 1000,
"minimum": 0,
"title": "Maximum number of results to return in this page (server may return fewer)",
"type": "integer"
},
"search_string": {
"description": "This is a substring search that is case insensitive.",
"required": true,
"title": "Search string to search for.\n",
"type": "string"
},
"sort_ascending": {
"type": "boolean"
},
"sort_by": {
"title": "Field by which records are sorted",
"type": "string"
}
},
"title": "Vidm information search request parameters",
"type": "object"
}
View (type)
{
"additionalProperties": false,
"description": "Describes the configuration of a view to be displayed on the dashboard.",
"extends": {
"$ref": "ManagedResource
},
"id": "View",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget.",
"maxLength": 255,
"required": true,
"title": "Widget Title",
"type": "string"
},
"exclude_roles": {
"description": "Comma separated list of roles to which the shared view is not visible. Allows user to prevent the visibility of a shared view to the specified roles. User defined roles can also be specified in the list. The roles can be obtained via GET /api/v1/aaa/roles. Please visit API documentation for details about roles. If include_roles is specified then exclude_roles cannot be specified.",
"maxLength": 1024,
"title": "Roles to which the shared view is not visible",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"include_roles": {
"description": "Comma separated list of roles to which the shared view is visible. Allows user to specify the visibility of a shared view to the specified roles. User defined roles can also be specified in the list. The roles can be obtained via GET /api/v1/aaa/roles. Please visit API documentation for details about roles.",
"maxLength": 1024,
"title": "Roles to which the shared view is visible",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"shared": {
"default": false,
"description": "Defaults to false. Set to true to publish the view to other users. The widgets of a shared view are visible to other users.",
"title": "Share the view with other users",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"weight": {
"default": 10000,
"description": "Determines placement of view relative to other views. The lower the weight, the higher it is in the placement order.",
"title": "Weightage or placement of the view",
"type": "int"
},
"widgets": {
"description": "Array of widgets that are part of the view.",
"items": {
"$ref": "WidgetItem
},
"minItems": 0,
"required": true,
"title": "Widgets",
"type": "array"
}
},
"title": "Dashboard View",
"type": "object"
}
ViewList (type)
{
"additionalProperties": false,
"description": "Represents a list of views.",
"id": "ViewList",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"views": {
"description": "Array of views",
"items": {
"$ref": "View
},
"readonly": true,
"required": true,
"title": "Array of views",
"type": "array"
}
},
"title": "List of Views",
"type": "object"
}
ViewQueryParameters (type)
{
"additionalProperties": false,
"id": "ViewQueryParameters",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"tag": {
"description": "The tag for which associated views to be queried. For tags specified on views, scope is automatically set to 'nsx-dashboard' and hence scope is ignored for searching views based on tag.",
"readonly": true,
"title": "The tag for which associated views to be queried.",
"type": "string"
},
"view_ids": {
"description": "Comma separated ids of views to be queried.",
"maxLength": 8192,
"readonly": true,
"title": "Ids of the Views",
"type": "string"
},
"widget_id": {
"description": "Id of widget to be queried for all the views it is part of.",
"maxLength": 255,
"readonly": true,
"title": "Id of widget configuration",
"type": "string"
}
},
"title": "Parameters for querying views",
"type": "object"
}
VirtualEndpoint (type)
{
"additionalProperties": false,
"description": "A VirtualEndpoint represents an IP (or nexthop) which is outside SDDC. It represents a redirection target for RedirectionPolicy.",
"extends": {
"$ref": "BaseEndpoint
},
"id": "VirtualEndpoint",
"module_id": "PolicyServiceInsertion",
"polymorphic-type-descriptor": {
"type-identifier": "VirtualEndpoint"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"enum": [
"VirtualEndpoint",
"ServiceInstanceEndpoint"
],
"required": true,
"type": "string"
},
"service_names": {
"description": "One VirtualEndpoint will be created per service name.",
"items": {
"type": "string"
},
"maxItems": 1,
"minItems": 1,
"readonly": false,
"required": true,
"title": "Services for which this endpoint to be created",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"target_ips": {
"description": "IPs where either inbound or outbound traffic is to be redirected.",
"items": {
"$ref": "IPInfo
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "IP addresses to redirect the traffic to",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "This endpoint is strictly of the type Virtual",
"type": "object"
}
VirtualMachine (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DiscoveredResource
},
"id": "VirtualMachine",
"module_id": "Inventory",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"compute_ids": {
"items": {
"type": "string"
},
"required": true,
"title": "List of external compute ids of the virtual machine in the format 'id-type-key:value' , list of external compute ids ['uuid:xxxx-xxxx-xxxx-xxxx', 'moIdOnHost:moref-11', 'instanceUuid:xxxx-xxxx-xxxx-xxxx']",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"required": true,
"title": "Current external id of this virtual machine in the system.",
"type": "string"
},
"guest_info": {
"$ref": "GuestInfo,
"description": "Guest virtual machine details include OS name, computer name of guest VM. Currently this is supported for guests on ESXi that have VMware Tools installed.",
"required": false,
"title": "Guest virtual machine details"
},
"host_id": {
"required": false,
"title": "Id of the host in which this virtual machine exists.",
"type": "string"
},
"local_id_on_host": {
"required": true,
"title": "Id of the vm unique within the host.",
"type": "string"
},
"power_state": {
"enum": [
"VM_RUNNING",
"VM_STOPPED",
"VM_SUSPENDED",
"UNKNOWN"
],
"required": true,
"title": "Current power state of this virtual machine in the system.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"source": {
"$ref": "ResourceReference,
"required": false,
"title": "Reference of the Host or Public Cloud Gateway that reported the VM"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"type": {
"enum": [
"EDGE",
"SERVICE",
"REGULAR",
"MP",
"INTELLIGENCE",
"VC_SYSTEM",
"UNKNOWN"
],
"readonly": true,
"required": true,
"title": "Virtual Machine type; Edge, Service VM or other.",
"type": "string"
}
},
"type": "object"
}
VirtualNetworkInterface (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DiscoveredResource
},
"id": "VirtualNetworkInterface",
"module_id": "Inventory",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"device_key": {
"required": true,
"title": "Device key of the virtual network interface.",
"type": "string"
},
"device_name": {
"required": false,
"title": "Device name of the virtual network interface.",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"required": true,
"title": "External Id of the virtual network inferface.",
"type": "string"
},
"host_id": {
"required": true,
"title": "Id of the host on which the vm exists.",
"type": "string"
},
"ip_address_info": {
"items": {
"$ref": "IpAddressInfo
},
"required": false,
"title": "IP Addresses of the the virtual network interface, from various sources.",
"type": "array"
},
"lport_attachment_id": {
"required": false,
"title": "LPort Attachment Id of the virtual network interface.",
"type": "string"
},
"mac_address": {
"required": true,
"title": "MAC address of the virtual network interface.",
"type": "string"
},
"owner_vm_id": {
"required": true,
"title": "Id of the vm to which this virtual network interface belongs.",
"type": "string"
},
"owner_vm_type": {
"enum": [
"EDGE",
"SERVICE",
"REGULAR"
],
"readonly": true,
"required": false,
"title": "Owner virtual machine type; Edge, Service VM or other.",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"vm_local_id_on_host": {
"required": true,
"title": "Id of the vm unique within the host.",
"type": "string"
}
},
"type": "object"
}
VirtualNetworkInterfaceListResult (type)
{
"additionalProperties": false,
"extends": {
"$ref": "ListResult
},
"id": "VirtualNetworkInterfaceListResult",
"module_id": "Inventory",
"properties": {
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cursor": {
"readonly": true,
"title": "Opaque cursor to be used for getting next page of records (supplied by current result page)",
"type": "string"
},
"result_count": {
"readonly": true,
"title": "Count of results found (across all pages), set only on first page",
"type": "integer"
},
"results": {
"items": {
"$ref": "VirtualNetworkInterface
},
"required": true,
"title": "VirtualNetworkInterface list results",
"type": "array"
},
"sort_ascending": {
"readonly": true,
"title": "If true, results are sorted in ascending order",
"type": "boolean"
},
"sort_by": {
"readonly": true,
"title": "Field by which records are sorted",
"type": "string"
}
},
"type": "object"
}
VirtualPortgroup (type)
{
"extends": {
"$ref": "DiscoveredResource
},
"id": "VirtualPortgroup",
"module_id": "InventoryCmObj",
"polymorphic-type-descriptor": {
"type-identifier": "VirtualPortgroup"
},
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cm_local_id": {
"description": "Id of the portgroup, eg. a mo-ref from VC.",
"readonly": true,
"required": false,
"title": "Id of the portgroup in compute manager",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"readonly": true,
"required": true,
"title": "External id of the virtual portgroup",
"type": "string"
},
"origin_type": {
"readonly": true,
"required": false,
"title": "Portgroup type like DistributedVirtualPortgroup",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Virtual portgroup on a virtual switch",
"type": "object"
}
VirtualSwitch (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DiscoveredResource
},
"id": "VirtualSwitch",
"module_id": "InventoryCmObj",
"polymorphic-type-descriptor": {
"type-identifier": "VirtualSwitch"
},
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"cm_local_id": {
"readonly": true,
"required": false,
"title": "ID of the virtual switch in compute manager",
"type": "string"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"readonly": true,
"required": true,
"title": "External id of the virtual switch",
"type": "string"
},
"origin_id": {
"description": "ID of the compute manager where this virtual switch is discovered.",
"readonly": true,
"required": false,
"title": "ID of the compute manager",
"type": "string"
},
"origin_type": {
"readonly": true,
"required": false,
"title": "Switch type like VmwareDistributedVirtualSwitch",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
}
},
"title": "Virtual switch on a compute manager",
"type": "object"
}
VlanID (type)
{
"id": "VlanID",
"maximum": 4094,
"minimum": 0,
"module_id": "Types",
"title": "Virtual Local Area Network Identifier",
"type": "integer"
}
VlanVniRangePair (type)
{
"additionalProperties": false,
"description": "Vlan-Vni mapping pair resource in EvpnTenantConfig for ROUTE-SERVER Evpn mode",
"id": "VlanVniRangePair",
"module_id": "PolicyConnectivity",
"properties": {
"vlans": {
"description": "List of VLAN ids and VLAN ranges (specified with '-').",
"required": true,
"title": "List of VLAN ids",
"type": "string"
},
"vnis": {
"description": "List of VNI ids and VNI ranges (specified with '-'). The vni id is used for VXLAN transmission for a given tenant Vlan ID in ROUTE-SERVER Evpn.",
"required": true,
"title": "List of VNI ids",
"type": "string"
}
},
"title": "Vlan Vni pair resource",
"type": "object"
}
VmToolsInfo (type)
{
"additionalProperties": false,
"extends": {
"$ref": "DiscoveredResource
},
"id": "VmToolsInfo",
"module_id": "VmToolsInfo",
"properties": {
"_last_sync_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"external_id": {
"description": "Current external id of this virtual machine in the system.",
"readonly": true,
"required": false,
"title": "VM external ID",
"type": "string"
},
"file_agent_version": {
"description": "Version of file agent on the VM of a third party partner solution.",
"readonly": true,
"required": false,
"title": "File agent version on the VM",
"type": "string"
},
"host_local_id": {
"description": "Id of the VM which is assigned locally by the host. It is the VM-moref on ESXi hosts, in other environments it is VM UUID.",
"readonly": true,
"required": false,
"title": "VM ID given by the host",
"type": "string"
},
"network_agent_version": {
"description": "Version of network agent on the VM of a third party partner solution.",
"readonly": true,
"required": false,
"title": "Network agent version on the VM",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"required": true,
"type": "string"
},
"scope": {
"description": "Specifies list of scope of discovered resource. e.g. if VHC path is associated with principal identity, who owns the discovered resource, then scope id will be VHC path and scope type will be VHC.",
"items": {
"$ref": "DiscoveredResourceScope
},
"readonly": false,
"required": false,
"title": "List of scopes for discovered resource",
"type": "array"
},
"source": {
"$ref": "ResourceReference,
"readonly": true,
"required": false,
"title": "Reference of the Host or Public Cloud Gateway that reported the VM."
},
"svmStatus": {
"description": "Connectivity Status between each Guest Introspection Solution deployed in the data center with the guest VM.",
"items": {
"$ref": "SvmConnectivityStatus
},
"required": false,
"title": "SvmConnectivityStatus list.",
"type": "array"
},
"svm_connectivity": {
"description": "Endpoint Protection (Third party AV partner using NXGI) status on the VM. TRUE - VM is configured and protected by EPP Service VM. FALSE - VM is either not configured for protection or VM is disconnected from EPP Service VM.",
"readonly": true,
"required": false,
"title": "Endpoint Protection status on the VM",
"type": "boolean"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"tools_version": {
"description": "Version of VMTools installed on the VM.",
"readonly": true,
"required": false,
"title": "VM tools version on the VM",
"type": "string"
},
"vm_type": {
"description": "Type of VM - Edge, Service or other.",
"enum": [
"EDGE",
"SERVICE",
"REGULAR"
],
"readonly": true,
"required": false,
"title": "Virtual Machine type",
"type": "string"
}
},
"type": "object"
}
VniPoolConfig (type)
{
"additionalProperties": false,
"description": "Vni Pool Configuration.",
"extends": {
"$ref": "PolicyConfigResource
},
"id": "VniPoolConfig",
"module_id": "PolicyConnectivity",
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"children": {
"description": "subtree for this type within policy tree containing nested elements.",
"items": {
"$ref": "ChildPolicyConfigResource
},
"required": false,
"title": "subtree for this type within policy tree",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"can_sort": true,
"description": "Defaults to ID if not set",
"maxLength": 255,
"title": "Identifier to use when displaying entity in logs or GUI",
"type": "string"
},
"end": {
"maximum": 16777215,
"minimum": 75001,
"required": true,
"title": "End value of VNI Pool range",
"type": "int"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"marked_for_delete": {
"default": false,
"description": "Intent objects are not directly deleted from the system when a delete is invoked on them. They are marked for deletion and only when all the realized entities for that intent object gets deleted, the intent object is deleted. Objects that are marked for deletion are not returned in GET call. One can use the search API to get these objects.",
"readonly": true,
"required": false,
"title": "Indicates whether the intent object is marked for deletion",
"type": "boolean"
},
"overridden": {
"default": false,
"description": "Global intent objects cannot be modified by the user. However, certain global intent objects can be overridden locally by use of this property. In such cases, the overridden local values take precedence over the globally defined values for the properties.",
"readonly": true,
"required": false,
"title": "Indicates whether this object is the overridden intent object",
"type": "boolean"
},
"parent_path": {
"description": "Path of its parent",
"readonly": true,
"required": false,
"title": "Path of its parent",
"type": "string"
},
"path": {
"description": "Absolute path of this object",
"readonly": true,
"required": false,
"title": "Absolute path of this object",
"type": "string"
},
"realization_id": {
"description": "This is a UUID generated by the system for realizing the entity object. In most cases this should be same as 'unique_id' of the entity. However, in some cases this can be different because of entities have migrated thier unique identifier to NSX Policy intent objects later in the timeline and did not use unique_id for realization. Realization id is helpful for users to debug data path to correlate the configuration with corresponding intent.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system for realizing intent",
"type": "string"
},
"relative_path": {
"description": "Path relative from its parent",
"readonly": true,
"required": false,
"title": "Relative path of this object",
"type": "string"
},
"resource_type": {
"description": "The type of this resource.",
"readonly": false,
"type": "string"
},
"start": {
"maximum": 16777215,
"minimum": 75001,
"required": true,
"title": "Start value of VNI Pool range",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"unique_id": {
"description": "This is a UUID generated by the GM/LM to uniquely identify entites in a federated environment. For entities that are stretched across multiple sites, the same ID will be used on all the stretched sites.",
"readonly": true,
"required": false,
"title": "A unique identifier assigned by the system",
"type": "string"
}
},
"title": "Vni Pool Config",
"type": "object"
}
VrfEvpnL2VniConfig (type)
{
"id": "VrfEvpnL2VniConfig",
"module_id": "PolicyConnectivity",
"properties": {
"enable_vtep_groups": {
"default": false,
"description": "This is used to enable or disable the creation of vtep groups. Each vtep group is used to group vteps with the same MAC for L2 ECMP usage.",
"required": false,
"title": "Flag to enable or disable the creation of vtep groups",
"type": "boolean"
},
"l2_vni_configs": {
"description": "Define L2 VNI and its related route distinguiser and route targets.",
"items": {
"$ref": "VrfL2VniConfig
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "L2 VNI configurations associated with the VRF",
"type": "array"
}
},
"type": "object"
}
VrfL2VniConfig (type)
{
"id": "VrfL2VniConfig",
"module_id": "PolicyConnectivity",
"properties": {
"l2_vni": {
"description": "L2 VNI associated with the VRF. It must be unique and available from the VNI pool defined for EVPN service.",
"required": true,
"title": "L2 VNI associated with the VRF",
"type": "int"
},
"route_distinguisher": {
"description": "This is a 64 bit number which disambiguates overlapping logical networks, with format in IPAddress:<number> or ASN:<number>.",
"required": true,
"title": "The unique route distinguisher for the virtual routing and forwarding instance",
"type": "string"
},
"route_targets": {
"description": "Route targets.",
"items": {
"$ref": "VrfRouteTargets
},
"maxItems": 1,
"minItems": 1,
"required": true,
"title": "Route targets",
"type": "array"
}
},
"type": "object"
}
VrfRouteTargets (type)
{
"additionalProperties": false,
"description": "Vrf Route Targets for import/export.",
"id": "VrfRouteTargets",
"module_id": "PolicyConnectivity",
"properties": {
"address_family": {
"default": "L2VPN_EVPN",
"description": "Address family.",
"enum": [
"L2VPN_EVPN"
],
"required": false,
"title": "Address family",
"type": "string"
},
"export_route_targets": {
"description": "Export route targets with format in ASN:<number>.",
"items": {
"type": "string"
},
"required": false,
"title": "Export route targets",
"type": "array"
},
"import_route_targets": {
"description": "Import route targets with format in ASN:<number>.",
"items": {
"type": "string"
},
"required": false,
"title": "Import route targets",
"type": "array"
}
},
"title": "Vrf Route Targets",
"type": "object"
}
VrniGlobalCollector (type)
{
"additionalProperties": false,
"desceiption": "vRNI collector collects the system metrics to\nVmware vRNI (vRealize Network Insight) platform\nfor network monitoring and analytics.\n",
"extends": {
"$ref": "GlobalCollectorConfig
},
"id": "VrniGlobalCollector",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "VRNI"
},
"properties": {
"collector_ip": {
"$ref": "IPAddress,
"description": "IP address for the global collector.",
"required": true,
"title": "IP address for the global collector collector"
},
"collector_port": {
"description": "Port for the global collector.",
"maximum": 65535,
"minimum": 0,
"required": true,
"title": "Port for the global collector",
"type": "int"
},
"collector_type": {
"$ref": "GlobalCollectorType,
"description": "Specify the global collector type.",
"required": true
},
"report_interval": {
"default": 30,
"description": "Report interval for operation data in seconds.",
"maximum": 1800,
"minimum": 1,
"required": true,
"title": "Report interval for operation data in seconds",
"type": "int"
}
},
"title": "NSX global configs for VRNI global collector",
"type": "object"
}
VsphereClusterNodeVMDeploymentConfig (type)
{
"description": "The Vsphere deployment configuration determines where to deploy the cluster node VM through a vCenter server. It contains settings that are applied during install time. If using DHCP, the following fields must be left unset - dns_servers, management_port_subnets, and default_gateway_addresses",
"extends": {
"$ref": "ClusterNodeVMDeploymentConfig
},
"id": "VsphereClusterNodeVMDeploymentConfig",
"module_id": "ClusterNodeVMDeployment",
"polymorphic-type-descriptor": {
"type-identifier": "VsphereClusterNodeVMDeploymentConfig"
},
"properties": {
"allow_ssh_root_login": {
"default": false,
"description": "If true, the root user will be allowed to log into the VM. Allowing root SSH logins is not recommended for security reasons.",
"required": false,
"title": "Allow root SSH logins",
"type": "boolean"
},
"compute_id": {
"description": "The cluster node VM will be deployed on the specified cluster or resourcepool for specified VC server.",
"required": true,
"title": "Cluster identifier or resourcepool identifier",
"type": "string"
},
"default_gateway_addresses": {
"description": "The default gateway for the VM to be deployed must be specified if all the other VMs it communicates with are not in the same subnet. Do not specify this field and management_port_subnets to use DHCP. Note: only single IPv4 default gateway address is supported and it must belong to management network. IMPORTANT: VMs deployed using DHCP are currently not supported, so this parameter should be specified.",
"items": {
"$ref": "IPAddress
},
"maxItems": 1,
"minItems": 1,
"required": false,
"title": "Default gateway for the VM",
"type": "array"
},
"disk_provisioning": {
"$ref": "DiskProvisioning,
"default": "THIN",
"description": "Specifies the disk provisioning type of the VM.",
"required": false,
"title": "Disk provitioning type"
},
"dns_servers": {
"description": "List of DNS servers. If DHCP is used, the default DNS servers associated with the DHCP server will be used instead. Required if using static IP.",
"items": {
"$ref": "IPv4Address
},
"minItems": 1,
"required": false,
"title": "DNS servers",
"type": "array"
},
"enable_ssh": {
"default": false,
"description": "If true, the SSH service will automatically be started on the VM. Enabling SSH service is not recommended for security reasons.",
"required": false,
"title": "Enable SSH",
"type": "boolean"
},
"folder_id": {
"description": "Specifies the folder in which the VM should be placed.",
"required": false,
"title": "Folder identifier",
"type": "string"
},
"host_id": {
"description": "The cluster node VM will be deployed on the specified host in the specified VC server within the cluster if host_id is specified. Note: User must ensure that storage and specified networks are accessible by this host.",
"required": false,
"title": "Host identifier",
"type": "string"
},
"hostname": {
"description": "Desired host name/FQDN for the VM to be deployed",
"pattern": "^(?=.{1,255}$)[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?(?:\\.[0-9A-Za-z](?:(?:[0-9A-Za-z]|-){0,61}[0-9A-Za-z])?)*?$",
"required": true,
"title": "Host name or FQDN for the VM",
"type": "string"
},
"management_network_id": {
"description": "Distributed portgroup identifier to which the management vnic of cluster node VM will be connected.",
"required": true,
"title": "Portgroup identifier for management network connectivity",
"type": "string"
},
"management_port_subnets": {
"description": "IP Address and subnet configuration for the management port. Do not specify this field and default_gateway_addresses to use DHCP. Note: only one IPv4 address is supported for the management port. IMPORTANT: VMs deployed using DHCP are currently not supported, so this parameter should be specified.",
"items": {
"$ref": "IPSubnet
},
"maxItems": 1,
"minItems": 1,
"required": false,
"title": "Port subnets for management port",
"type": "array"
},
"ntp_servers": {
"description": "List of NTP servers. To use hostnames, a DNS server must be defined. If not using DHCP, a DNS server should be specified under dns_servers.",
"items": {
"$ref": "HostnameOrIPv4Address
},
"required": false,
"title": "NTP servers",
"type": "array"
},
"placement_type": {
"description": "Specifies the config for the platform through which to deploy the VM",
"enum": [
"VsphereClusterNodeVMDeploymentConfig"
],
"required": true,
"title": "Type of deployment",
"type": "string"
},
"search_domains": {
"description": "List of domain names that are used to complete unqualified host names.",
"items": {
"type": "string"
},
"required": false,
"title": "DNS search domain names",
"type": "array"
},
"storage_id": {
"description": "The cluster node VM will be deployed on the specified datastore in the specified VC server. User must ensure that storage is accessible by the specified cluster/host.",
"required": true,
"title": "Storage/datastore identifier",
"type": "string"
},
"vc_id": {
"description": "The VC-specific identifiers will be resolved on this VC, so all other identifiers specified in the config must belong to this vCenter server.",
"required": true,
"title": "Vsphere compute identifier for identifying VC server",
"type": "string"
}
},
"title": "Deployment config on the Vsphere platform",
"type": "object"
}
WaveFrontGlobalCollector (type)
{
"additionalProperties": false,
"desceiption": "Wavefront collector is defined to export the real-time\nmetrics to Vmware Warfront platform for monitoring and streaming analysis.\nIt is only appliacble on VMC mode.\n",
"extends": {
"$ref": "GlobalCollectorConfig
},
"id": "WaveFrontGlobalCollector",
"module_id": "Policy",
"polymorphic-type-descriptor": {
"type-identifier": "WAVE_FRONT"
},
"properties": {
"collector_ip": {
"$ref": "IPAddress,
"description": "IP address for the global collector.",
"required": true,
"title": "IP address for the global collector collector"
},
"collector_port": {
"description": "Port for the global collector.",
"maximum": 65535,
"minimum": 0,
"required": true,
"title": "Port for the global collector",
"type": "int"
},
"collector_type": {
"$ref": "GlobalCollectorType,
"description": "Specify the global collector type.",
"required": true
},
"tracing_port": {
"default": 30001,
"description": "Port for the Wavefront tracing.",
"maximum": 65535,
"minimum": 0,
"required": false,
"title": "Port for the Wavefront tracing",
"type": "int"
}
},
"title": "NSX global configs for WAVE_FRONT global collector",
"type": "object"
}
WeeklyBackupSchedule (type)
{
"extends": {
"$ref": "BackupSchedule
},
"id": "WeeklyBackupSchedule",
"module_id": "BackupConfiguration",
"polymorphic-type-descriptor": {
"type-identifier": "WeeklyBackupSchedule"
},
"properties": {
"days_of_week": {
"items": {
"type": "integer"
},
"maxItems": 7,
"minItems": 1,
"required": true,
"title": "Days of week when backup is taken. 0 - Sunday, 1 - Monday, 2 - Tuesday, 3 - Wednesday ...",
"type": "array",
"uniqueItems": true
},
"hour_of_day": {
"maximum": 23,
"minimum": 0,
"required": true,
"title": "Time of day when backup is taken",
"type": "integer"
},
"minute_of_day": {
"maximum": 59,
"minimum": 0,
"required": true,
"title": "Time of day when backup is taken",
"type": "integer"
},
"resource_type": {
"enum": [
"WeeklyBackupSchedule",
"IntervalBackupSchedule"
],
"required": true,
"title": "Schedule type",
"type": "string"
}
},
"title": "Schedule to specify day of the week and time to take automated backup",
"type": "object"
}
WidgetConfiguration (type)
{
"additionalProperties": false,
"description": "Describes the configuration of a widget to be displayed on the dashboard. WidgetConfiguration is a base type that provides attributes of a widget in-general.",
"extends": {
"$ref": "ManagedResource
},
"id": "WidgetConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"polymorphic-type-descriptor": {
"mode": "enabled"
},
"properties": {
"_create_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of resource creation",
"readonly": true
},
"_create_user": {
"description": "ID of the user who created this resource",
"readonly": true,
"type": "string"
},
"_last_modified_time": {
"$ref": "EpochMsTimestamp,
"can_sort": true,
"description": "Timestamp of last modification",
"readonly": true
},
"_last_modified_user": {
"description": "ID of the user who last modified this resource",
"readonly": true,
"type": "string"
},
"_links": {
"description": "The server will populate this field when returing the resource. Ignored on PUT and POST.",
"items": {
"$ref": "ResourceLink
},
"readonly": true,
"title": "References related to this resource",
"type": "array"
},
"_protection": {
"description": "Protection status is one of the following: PROTECTED - the client who retrieved the entity is not allowed to modify it. NOT_PROTECTED - the client who retrieved the entity is allowed to modify it REQUIRE_OVERRIDE - the client who retrieved the entity is a super user and can modify it, but only when providing the request header X-Allow-Overwrite=true. UNKNOWN - the _protection field could not be determined for this entity.",
"readonly": true,
"title": "Indicates protection status of this resource",
"type": "string"
},
"_revision": {
"description": "The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected.",
"title": "Generation of this resource config",
"type": "int"
},
"_schema": {
"readonly": true,
"title": "Schema for this resource",
"type": "string"
},
"_self": {
"$ref": "SelfResourceLink,
"readonly": true,
"title": "Link to this resource"
},
"_system_owned": {
"description": "Indicates system owned resource",
"readonly": true,
"type": "boolean"
},
"condition": {
"description": "If the condition is met then the widget will be displayed to UI. If no condition is provided, then the widget will be displayed unconditionally.",
"maxLength": 1024,
"title": "Expression for evaluating condition",
"type": "string"
},
"datasources": {
"description": "The 'datasources' represent the sources from which data will be fetched. Currently, only NSX-API is supported as a 'default' datasource. An example of specifying 'default' datasource along with the urls to fetch data from is given at 'example_request' section of 'CreateWidgetConfiguration' API.",
"items": {
"$ref": "Datasource
},
"minItems": 0,
"title": "Array of Datasource Instances with their relative urls",
"type": "array"
},
"default_filter_value": {
"description": "Default filter values to be passed to datasources. This will be used when the report is requested without filter values.",
"items": {
"$ref": "DefaultFilterValue
},
"title": "Default filter value to be passed to datasources",
"type": "array"
},
"description": {
"can_sort": true,
"maxLength": 1024,
"title": "Description of this resource",
"type": "string"
},
"display_name": {
"description": "Title of the widget. If display_name is omitted, the widget will be shown without a title.",
"maxLength": 255,
"title": "Widget Title",
"type": "string"
},
"drilldown_id": {
"description": "Id of drilldown widget, if any. Id should be a valid id of an existing widget. A widget is considered as drilldown widget when it is associated with any other widget and provides more detailed information about any data item from the parent widget.",
"maxLength": 255,
"title": "Id of drilldown widget",
"type": "string"
},
"feature_set": {
"$ref": "FeatureSet,
"description": "Features required to view the widget.",
"title": "Features required to view the widget"
},
"filter": {
"deprecated": true,
"description": "Id of filter widget for subscription, if any. Id should be a valid id of an existing filter widget. Filter widget should be from the same view. Datasource URLs should have placeholder values equal to filter alias to accept the filter value on filter change. This field is deprecated instead use 'filters' property.",
"title": "Id of filter widget for subscription",
"type": "string"
},
"filter_value_required": {
"default": true,
"description": "Flag to indicate that widget will continue to work without filter value. If this flag is set to false then default_filter_value is manadatory.",
"title": "Flag to indicate if filter value is necessary",
"type": "boolean"
},
"filters": {
"description": "A List of filter applied to this widget configuration. This will be used to identify the filters applied to this widget.",
"items": {
"type": "string"
},
"title": "A List of filter ids applied to this widget configuration",
"type": "array"
},
"footer": {
"$ref": "Footer
},
"icons": {
"description": "Icons to be applied at dashboard for widgets and UI elements.",
"items": {
"$ref": "Icon
},
"title": "Icons",
"type": "array"
},
"id": {
"can_sort": true,
"title": "Unique identifier of this resource",
"type": "string"
},
"is_drilldown": {
"default": false,
"description": "Set to true if this widget should be used as a drilldown.",
"title": "Set as a drilldown widget",
"type": "boolean"
},
"legend": {
"$ref": "Legend,
"description": "Legend to be displayed. If legend is not needed, do not include it.",
"title": "Legend for the widget"
},
"plot_configs": {
"description": "List of plotting configuration for a given widget. Widget plotting configurations which are common across all the widgets types should be define here.",
"items": {
"$ref": "WidgetPlotConfiguration
},
"required": false,
"title": "List of plotting configuration for a given widget.",
"type": "array"
},
"resource_type": {
"description": "Supported visualization types are LabelValueConfiguration, DonutConfiguration, GridConfiguration, StatsConfiguration, MultiWidgetConfiguration, GraphConfiguration, ContainerConfiguration, CustomWidgetConfiguration, CustomFilterWidgetConfiguration, TimeRangeDropdownFilterWidgetConfiguration, SpacerWidgetConfiguration, LegendWidgetConfiguration and DropdownFilterWidgetConfiguration.",
"enum": [
"LabelValueConfiguration",
"DonutConfiguration",
"MultiWidgetConfiguration",
"ContainerConfiguration",
"StatsConfiguration",
"GridConfiguration",
"GraphConfiguration",
"CustomWidgetConfiguration",
"CustomFilterWidgetConfiguration",
"TimeRangeDropdownFilterWidgetConfiguration",
"DropdownFilterWidgetConfiguration",
"SpacerWidgetConfiguration",
"LegendWidgetConfiguration"
],
"maxLength": 255,
"readonly": true,
"required": true,
"title": "Widget visualization type",
"type": "string"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container. 1 Row span is equal to 20px.",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"shared": {
"deprecated": true,
"description": "Please use the property 'shared' of View instead of this. The widgets of a shared view are visible to other users.",
"title": "Visiblity of widgets to other users",
"type": "boolean"
},
"show_header": {
"description": "If the value of this field is set to true then card header will be displayed otherwise only card will be displayed without header.",
"title": "This decides to show the container header or not.",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"tags": {
"items": {
"$ref": "Tag
},
"maxItems": 30,
"title": "Opaque identifiers meaningful to the API user",
"type": "array"
},
"weight": {
"deprecated": true,
"description": "Specify relavite weight in WidgetItem for placement in a view. Please see WidgetItem for details.",
"title": "Weightage or placement of the widget or container",
"type": "int"
}
},
"title": "Dashboard Widget Configuration",
"type": "object"
}
WidgetConfigurationList (type)
{
"additionalProperties": false,
"description": "Represents a list of widget configurations.",
"id": "WidgetConfigurationList",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"widgetconfigurations": {
"description": "Array of widget configurations",
"items": {
"$ref": "WidgetConfiguration
},
"readonly": true,
"required": true,
"title": "Array of widget configurations",
"type": "array"
}
},
"title": "List of Widget Configurations",
"type": "object"
}
WidgetItem (type)
{
"additionalProperties": false,
"description": "Represents a reference to a widget that is held by a container or a multi-widget or a View.",
"id": "WidgetItem",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"alignment": {
"default": "LEFT",
"description": "Aligns widget either left or right.",
"enum": [
"LEFT",
"RIGHT"
],
"title": "Alignment of widget inside container",
"type": "string"
},
"label": {
"$ref": "Label,
"description": "Applicable for 'DonutConfiguration' and 'StatsConfiguration' reports only. If label is not specified, then it defaults to the label of the donut or stats report.",
"title": "Label of the the report"
},
"rowspan": {
"description": "Represents the vertical span of the widget / container",
"minimum": 1,
"title": "Vertical span",
"type": "int"
},
"separator": {
"default": false,
"description": "If true, separates this widget in a container.",
"title": "A separator after this widget",
"type": "boolean"
},
"span": {
"description": "Represents the horizontal span of the widget / container.",
"maximum": 12,
"minimum": 1,
"title": "Horizontal span",
"type": "int"
},
"weight": {
"default": 10000,
"description": "Determines placement of widget or container relative to other widgets and containers. The lower the weight, the higher it is in the placement order.",
"title": "Weightage or placement of the widget or container",
"type": "int"
},
"widget_id": {
"description": "Id of the widget configuration that is held by a multi-widget or a container or a view.",
"maxLength": 255,
"required": true,
"title": "Id of the widget configuration",
"type": "string"
}
},
"title": "Widget held by MultiWidgetConfiguration or Container or a View",
"type": "object"
}
WidgetPlotConfiguration (type)
{
"additionalProperties": false,
"description": "Base type for widget plot config.",
"id": "WidgetPlotConfiguration",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"allow_maximize": {
"description": "Allow maximize capability for this widget",
"title": "Allow maximize capability for this widget",
"type": "boolean"
},
"condition": {
"description": "If the condition is met then the given chart config is applied to the widget configuration.",
"maxLength": 1024,
"title": "Expression for evaluating condition for this chart config",
"type": "string"
}
},
"title": "Base type for widget plot config",
"type": "object"
}
WidgetQueryParameters (type)
{
"additionalProperties": false,
"id": "WidgetQueryParameters",
"module_id": "NsxDashboard",
"nsx_feature": "NsxDashboardWidgetConfig",
"properties": {
"container": {
"description": "Id of the container whose widget configurations are to be queried.",
"maxLength": 255,
"readonly": true,
"title": "Id of the container",
"type": "string"
},
"widget_ids": {
"description": "Comma separated ids of WidgetConfigurations to be queried.",
"maxLength": 8192,
"readonly": true,
"title": "Ids of the WidgetConfigurations",
"type": "string"
}
},
"title": "Parameters for querying widget configurations",
"type": "object"
}
X509Certificate (type)
{
"additionalProperties": false,
"id": "X509Certificate",
"module_id": "CertificateManager",
"properties": {
"dsa_public_key_g": {
"description": "One of the DSA cryptogaphic algorithm's strength parameters, base.",
"readonly": true,
"required": false,
"type": "string"
},
"dsa_public_key_p": {
"description": "One of the DSA cryptogaphic algorithm's strength parameters, prime.",
"readonly": true,
"required": false,
"type": "string"
},
"dsa_public_key_q": {
"description": "One of the DSA cryptogaphic algorithm's strength parameters, sub-prime.",
"readonly": true,
"required": false,
"type": "string"
},
"dsa_public_key_y": {
"description": "One of the DSA cryptogaphic algorithm's strength parameters.",
"readonly": true,
"required": false,
"type": "string"
},
"ecdsa_curve_name": {
"description": "The Curve name for the ECDSA certificate.",
"readonly": true,
"required": false,
"title": "ECDSA Curve Name",
"type": "string"
},
"ecdsa_ec_field": {
"description": "Represents an elliptic curve (EC) finite field in ECDSA.",
"enum": [
"F2M",
"FP"
],
"readonly": true,
"required": false,
"title": "ECDSA Elliptic Curve Finite Field",
"type": "string"
},
"ecdsa_ec_field_f2mks": {
"description": "The order of the middle term(s) of the reduction polynomial in elliptic curve (EC) | characteristic 2 finite field.| Contents of this array are copied to protect against subsequent modification in ECDSA.",
"items": {
"type": "integer"
},
"readonly": true,
"required": false,
"title": "ECDSA Elliptic Curve F2MKS",
"type": "array"
},
"ecdsa_ec_field_f2mm": {
"description": "The first coefficient of this elliptic curve in elliptic curve (EC) | characteristic 2 finite field for ECDSA.",
"readonly": true,
"required": false,
"title": "ECDSA Elliptic Curve F2MM",
"type": "integer"
},
"ecdsa_ec_field_f2mrp": {
"description": "The value whose i-th bit corresponds to the i-th coefficient of the reduction polynomial | in elliptic curve (EC) characteristic 2 finite field for ECDSA.",
"readonly": true,
"required": false,
"title": "ECDSA Elliptic Curve F2MRP",
"type": "string"
},
"ecdsa_ec_field_f2pp": {
"description": "The specified prime for the elliptic curve prime finite field in ECDSA.",
"readonly": true,
"required": false,
"title": "ECDSA Elliptic Curve F2PP",
"type": "string"
},
"ecdsa_public_key_a": {
"description": "The first coefficient of this elliptic curve in ECDSA.",
"readonly": true,
"required": false,
"title": "ECDSA Elliptic Curve Public Key A",
"type": "string"
},
"ecdsa_public_key_b": {
"description": "The second coefficient of this elliptic curve in ECDSA.",
"readonly": true,
"required": false,
"title": "ECDSA Elliptic Curve Public Key B",
"type": "string"
},
"ecdsa_public_key_cofactor": {
"description": "The co-factor in ECDSA.",
"readonly": true,
"required": false,
"title": "ECDSA Elliptic Curve Public Key Cofactor",
"type": "integer"
},
"ecdsa_public_key_generator_x": {
"description": "X co-ordinate of G (the generator which is also known as the base point) in ECDSA.",
"readonly": true,
"required": false,
"title": "ECDSA Elliptic Curve Public Key X",
"type": "string"
},
"ecdsa_public_key_generator_y": {
"description": "Y co-ordinate of G (the generator which is also known as the base point) in ECDSA.",
"readonly": true,
"required": false,
"title": "ECDSA Elliptic Curve Public Key Y",
"type": "string"
},
"ecdsa_public_key_order": {
"description": "The order of generator G in ECDSA.",
"readonly": true,
"required": false,
"title": "ECDSA Elliptic Curve Public Key Order",
"type": "string"
},
"ecdsa_public_key_seed": {
"description": "The bytes used during curve generation for later validation in ECDSA.| Contents of this array are copied to protect against subsequent modification.",
"items": {
"type": "string"
},
"readonly": true,
"required": false,
"title": "ECDSA Elliptic Curve Public Key Seed",
"type": "array"
},
"is_ca": {
"description": "True if this is a CA certificate.",
"readonly": true,
"required": true,
"type": "boolean"
},
"is_valid": {
"description": "True if this certificate is valid.",
"readonly": true,
"required": true,
"type": "boolean"
},
"issuer": {
"description": "The certificate issuers complete distinguished name.",
"readonly": true,
"required": true,
"type": "string"
},
"issuer_cn": {
"description": "The certificate issuer's common name.",
"readonly": true,
"required": false,
"type": "string"
},
"not_after": {
"$ref": "EpochMsTimestamp,
"description": "The time in epoch milliseconds at which the certificate becomes invalid.",
"readonly": true,
"required": true
},
"not_before": {
"$ref": "EpochMsTimestamp,
"description": "The time in epoch milliseconds at which the certificate becomes valid.",
"readonly": true,
"required": true
},
"public_key_algo": {
"description": "Cryptographic algorithm used by the public key for data encryption.",
"readonly": true,
"required": true,
"title": "Public Key Algorithm",
"type": "string"
},
"public_key_length": {
"description": "Size measured in bits of the public/private keys used in a cryptographic algorithm.",
"readonly": true,
"required": false,
"type": "integer"
},
"rsa_public_key_exponent": {
"description": "An RSA public key is made up of the modulus and the public exponent. Exponent is a power number.",
"readonly": true,
"required": false,
"type": "string"
},
"rsa_public_key_modulus": {
"description": "An RSA public key is made up of the modulus and the public exponent. Modulus is wrap around number.",
"readonly": true,
"required": false,
"type": "string"
},
"serial_number": {
"description": "Certificate's serial number.",
"readonly": true,
"required": true,
"type": "string"
},
"signature": {
"description": "The signature value(the raw signature bits) used for signing and validate the cert.",
"readonly": true,
"required": true,
"type": "string"
},
"signature_algorithm": {
"description": "The algorithm used by the Certificate Authority to sign the certificate.",
"readonly": true,
"required": true,
"type": "string"
},
"subject": {
"description": "The certificate owners complete distinguished name.",
"readonly": true,
"required": true,
"type": "string"
},
"subject_cn": {
"description": "The certificate owner's common name.",
"readonly": true,
"required": false,
"type": "string"
},
"version": {
"description": "Certificate version (default v1).",
"readonly": true,
"required": true,
"type": "string"
}
},
"type": "object"
}
X509Crl (type)
{
"additionalProperties": false,
"id": "X509Crl",
"module_id": "CertificateManager",
"properties": {
"crl_entries": {
"description": "List of X509CrlEntry.",
"items": {
"$ref": "X509CrlEntry
},
"readonly": true,
"required": false,
"type": "array"
},
"issuer": {
"description": "Issuer's distinguished name. (DN)",
"readonly": true,
"required": false,
"type": "string"
},
"next_update": {
"description": "Next update time for the CRL.",
"readonly": true,
"required": false,
"type": "string"
},
"version": {
"description": "CRL's version number either 1 or 2.",
"readonly": true,
"required": false,
"type": "string"
}
},
"title": "A CRL is a time-stamped list identifying revoked certificates.",
"type": "object"
}
X509CrlEntry (type)
{
"additionalProperties": false,
"id": "X509CrlEntry",
"module_id": "CertificateManager",
"properties": {
"revocation_date": {
"description": "Revocation date.",
"readonly": true,
"required": false,
"type": "string"
},
"serial_number": {
"description": "The revoked certificate's serial number.",
"readonly": true,
"required": false,
"type": "string"
}
},
"title": "Each revoked certificate is identified in a CRL by its certificate serial number.",
"type": "object"
}