NSX-T Data Center Global Manager REST API
Associated URIs:
| API Description | API Path |
|---|---|
Get groups for which the given Cloud Native Service Instance is a memberGet policy groups for which the given Cloud Native Service Instance is a member. |
GET /global-manager/api/v1/global-infra/cloud-native-service-group-associations
|
Get PolicyContextProfilesGet all PolicyContextProfiles |
GET /global-manager/api/v1/global-infra/context-profiles
|
Delete Policy Context ProfileDeletes the specified Policy Context Profile. If the Policy Context Profile is consumed in a firewall rule, it won't get deleted. |
DELETE /global-manager/api/v1/global-infra/context-profiles/{context-profile-id}
|
Get PolicyContextProfileGet a single PolicyContextProfile by id |
GET /global-manager/api/v1/global-infra/context-profiles/{context-profile-id}
|
Create PolicyContextProfileCreates/Updates a PolicyContextProfile, which encapsulates attribute and sub-attributes of network services. Rules for using attributes and sub-attributes in single PolicyContextProfile 1. One type of attribute can't have multiple occurrences. ( Eg. - Attribute type APP_ID can be used only once per PolicyContextProfile.) 2. For specifying multiple values for an attribute, provide them in an array. 3. If sub-attribtes are mentioned for an attribute, then only single value is allowed for that attribute. 4. To get a list of supported attributes and sub-attributes fire the following REST API GET https://<policy-mgr>/policy/api/v1/infra/context-profiles/attributes 5. Do not create context profile with "custom_attributes" id |
PATCH /global-manager/api/v1/global-infra/context-profiles/{context-profile-id}
|
Create PolicyContextProfileCreates/Updates a PolicyContextProfile, which encapsulates attribute and sub-attributes of network services. Rules for using attributes and sub-attributes in single PolicyContextProfile 1. One type of attribute can't have multiple occurrences. ( Eg. - Attribute type APP_ID can be used only once per PolicyContextProfile.) 2. For specifying multiple values for an attribute, provide them in an array. 3. If sub-attribtes are mentioned for an attribute, then only single value is allowed for that attribute. 4. To get a list of supported attributes and sub-attributes fire the following REST API GET https://<policy-mgr>/policy/api/v1/infra/context-profiles/attributes 5. Do not create context profile with "custom_attributes" id |
PUT /global-manager/api/v1/global-infra/context-profiles/{context-profile-id}
|
List Context Profile supported attribute typesReturns supported attribute type strings for Context Profile. |
GET /global-manager/api/v1/global-infra/context-profiles/attribute-types
|
List Policy Context Profile supported attributes and sub-attributesReturns supported attribute and sub-attributes for specified attribute key with their supported values, if provided in query/request parameter, else will fetch all supported attributes and sub-attributes for all supported attribute keys. Alternatively, to get a list of supported attributes and sub-attributes fire the following REST API GET https://<policy-mgr>/policy/api/v1/infra/context-profiles/attributes |
GET /global-manager/api/v1/global-infra/context-profiles/attributes
|
Update custom object attribute value list for given attribute keyThis API updates custom attribute value list for given key. |
PATCH /global-manager/api/v1/global-infra/context-profiles/custom-attributes
(Deprecated)
|
Adds/Removes custom attribute values from listThis API adds/removes custom attribute values from list for a given attribute key. |
POST /global-manager/api/v1/global-infra/context-profiles/custom-attributes
(Deprecated)
|
Retrieves custom attribute values for given attribute keyThis API lists all the custom attribute values defined in the system for the attribute_key mentioned as part of the url. |
GET /global-manager/api/v1/global-infra/context-profiles/custom-attributes/default
|
Update custom attribute value list for given attribute key.This API updates custom attribute value list for given key in the request. This replaces the existing list with the list provided in the request |
PATCH /global-manager/api/v1/global-infra/context-profiles/custom-attributes/default
|
Adds/Removes custom attribute values from listThis API adds/removes custom attribute values from list for a given attribute key. The values in the request will be added or removed from the existing list. |
POST /global-manager/api/v1/global-infra/context-profiles/custom-attributes/default
|
List Groups for a domainList Groups for a domain. Groups can be filtered using member_types query parameter, which returns the groups that contains the specified member types. Multiple member types can be provided as comma separated values. The API also return groups having member type that are subset of provided member_types. |
GET /global-manager/api/v1/global-infra/domains/{domain-id}/groups
|
Delete GroupDelete the group with group_id under domain domain_id. The force query parameter supported on the API is deprecated. Usage of the force query parameter does not alter the behaviour of the API. The API just ignores the force parameter. |
DELETE /global-manager/api/v1/global-infra/domains/{domain-id}/groups/{group-id}
|
Read groupRead group |
GET /global-manager/api/v1/global-infra/domains/{domain-id}/groups/{group-id}
|
Patch a groupIf a group with the group-id is not already present, create a new group. If it already exists, patch the group. Group created with Kubernetes membership criteria includes only Antrea reported inventory as its members. Once created, Groups with Identity (Directory) Group members should be updated with the new Distinguished Name in case it is changed on AD Server. Maximum of 500 malicious IP Groups (i.e Group with criteria having IPAddress equals All MALICIOUS_IP) should be created. |
PATCH /global-manager/api/v1/global-infra/domains/{domain-id}/groups/{group-id}
|
Create or update a groupIf a group with the group-id is not already present, create a new group. If it already exists, update the group. Avoid creating groups with multiple MACAddressExpression and IPAddressExpression. In future releases, group will be restricted to contain a single MACAddressExpression and IPAddressExpression along with other expressions. To group IPAddresses or MACAddresses, use nested groups instead of multiple IPAddressExpressions/MACAddressExpression. Group created with Kubernetes membership criteria includes only Antrea reported inventory as its members. Once created, Groups with Identity (Directory) Group members should be updated with the new Distinguished Name in case it is changed on AD Server. Maximum of 500 malicious IP Groups (i.e Group with criteria having IPAddress equals All MALICIOUS_IP) should be created. |
PUT /global-manager/api/v1/global-infra/domains/{domain-id}/groups/{group-id}
|
Delete Group External ID ExpressionDelete Group External ID Expression |
DELETE /global-manager/api/v1/global-infra/domains/{domain-id}/groups/{group-id}/external-id-expressions/{expression-id}
|
Patch a group external ID expressionIf a group ExternalIDexpression with the expression-id is not already present, create a new ExternalIDexpresison. If it already exists, replace the existing ExternalIDexpression. |
PATCH /global-manager/api/v1/global-infra/domains/{domain-id}/groups/{group-id}/external-id-expressions/{expression-id}
|
Add or Remove external id based members from/to a GroupIt will add or remove the specified members having external ID for a given expression of a group. |
POST /global-manager/api/v1/global-infra/domains/{domain-id}/groups/{group-id}/external-id-expressions/{expression-id}
|
Delete Group IPAddressExpressionDelete Group IPAddressExpression |
DELETE /global-manager/api/v1/global-infra/domains/{domain-id}/groups/{group-id}/ip-address-expressions/{expression-id}
|
Patch a group IP Address expressionIf a group IPAddressExpression with the expression-id is not already present, create a new IPAddressExpression. If it already exists, replace the existing IPAddressExpression. |
PATCH /global-manager/api/v1/global-infra/domains/{domain-id}/groups/{group-id}/ip-address-expressions/{expression-id}
|
Add or Remove IP Addresses from/to a GroupIt will add or remove the specified IP Addresses from a given expression of a group. |
POST /global-manager/api/v1/global-infra/domains/{domain-id}/groups/{group-id}/ip-address-expressions/{expression-id}
|
Delete Group MACAddressExpressionDelete Group MACAddressExpression |
DELETE /global-manager/api/v1/global-infra/domains/{domain-id}/groups/{group-id}/mac-address-expressions/{expression-id}
|
Patch a group MAC Address expressionIf a group MACAddressExpression with the expression-id is not already present, create a new MACAddressExpression. If it already exists, replace the existing MACAddressExpression. |
PATCH /global-manager/api/v1/global-infra/domains/{domain-id}/groups/{group-id}/mac-address-expressions/{expression-id}
|
Add or Remove MAC Addresses from/to a GroupIt will add or remove the specified MAC Addresses from a given expression of a group. |
POST /global-manager/api/v1/global-infra/domains/{domain-id}/groups/{group-id}/mac-address-expressions/{expression-id}
|
Get member types for a given GroupIt retrieves member types for a given group. In case of nested groups, it calculates member types of child groups as well. Considers member type for members added via static members and dynamic membership criteria. |
GET /global-manager/api/v1/global-infra/domains/{domain-id}/groups/{group-id}/member-types
|
Get Effective Cloud Native Service Instances that belong to this group.Returns Effective Cloud Native Service Instances that belong to this group. This API is applicable only for Groups containing CloudNativeServiceInstance member type. For Groups containing other member types,it returns an empty list. |
GET /global-manager/api/v1/global-infra/domains/{domain-id}/groups/{group-id}/members/cloud-native-service-instances
|
Get Discovered Port Groups that belong to this GroupGet Discovered Port Groups that belong to this Group |
GET /global-manager/api/v1/global-infra/domains/{domain-id}/groups/{group-id}/members/dvpg
|
Get discovered ports that belong to this GroupGet discovered ports that belong to this Group |
GET /global-manager/api/v1/global-infra/domains/{domain-id}/groups/{group-id}/members/dvports
|
Get IP addresses that belong to this GroupGet IP addresses that belong to this Group. This API is applicable for Groups containing either VirtualMachine, VIF, Segment ,Segment Port or IP Address member type.For Groups containing other member types,an empty list is returned |
GET /global-manager/api/v1/global-infra/domains/{domain-id}/groups/{group-id}/members/ip-addresses
|
Get Effective IPGroups that belong to this group.Returns effective IPGroups that belong to this group. This API is applicable only for Groups containing IPSet member type. For Groups containing other member types,it returns an empty list. |
GET /global-manager/api/v1/global-infra/domains/{domain-id}/groups/{group-id}/members/ip-groups
|
Get logical ports that belong to this GroupGet logical ports that belong to this Group This API is applicable for Groups containing either VirtualMachine, VIF, Segment or Segment Port member type.For Groups containing other member types,an empty list is returned. |
GET /global-manager/api/v1/global-infra/domains/{domain-id}/groups/{group-id}/members/logical-ports
|
Get logical switches that belong to this GroupGet logical switches that belong to this Group. This API is applicable for Groups containing Segment member type. For Groups containing other member types, an empty list is returned. |
GET /global-manager/api/v1/global-infra/domains/{domain-id}/groups/{group-id}/members/logical-switches
|
Get Effective Physical Server Members that belong to this group.Returns Effective Physical Server Members that belong to this group. This API is applicable only for Groups containing Physical Server member type. For Groups containing other member types,it returns an empty list. |
GET /global-manager/api/v1/global-infra/domains/{domain-id}/groups/{group-id}/members/physical-servers
|
Get pods that belong to this GroupGet pods that belong to this Group. This API is applicable for Groups containing either Pod, Cluster, Namespace, Service member type. For Groups containing other member types an empty list is returned |
GET /global-manager/api/v1/global-infra/domains/{domain-id}/groups/{group-id}/members/pods
|
Get segment ports that belong to this GroupGet segment ports that belong to this Group |
GET /global-manager/api/v1/global-infra/domains/{domain-id}/groups/{group-id}/members/segment-ports
|
Get segments that belong to this GroupGet segments that belong to this Group |
GET /global-manager/api/v1/global-infra/domains/{domain-id}/groups/{group-id}/members/segments
|
Get Virtual Network Interface instances that belong to this GroupGet Virtual Network Interface instances that belong to this Group. This API is applicable for Groups containing VirtualNetworkInterface and VirtualMachine member types. For Groups containing other member types,an empty list is returned.target_id in response is external_id of VirtualNetworkInterface or VirtualMachine. |
GET /global-manager/api/v1/global-infra/domains/{domain-id}/groups/{group-id}/members/vifs
|
Get Virtual machines that belong to this GroupGet Virtual machines that belong to this Group. This API is applicable for Groups containing VirtualMachine,member type. For Groups containing other member types,an empty list is returned. |
GET /global-manager/api/v1/global-infra/domains/{domain-id}/groups/{group-id}/members/virtual-machines
|
Delete Group Path ExpressionDelete Group Path Expression |
DELETE /global-manager/api/v1/global-infra/domains/{domain-id}/groups/{group-id}/path-expressions/{expression-id}
|
Patch a group path expressionIf a group path_expression with the expression-id is not already present, create a new pathexpresison. If it already exists, replace the existing pathexpression. |
PATCH /global-manager/api/v1/global-infra/domains/{domain-id}/groups/{group-id}/path-expressions/{expression-id}
|
Add or Remove path based members from/to a GroupIt will add or remove the specified members having path for a given expression of a group. |
POST /global-manager/api/v1/global-infra/domains/{domain-id}/groups/{group-id}/path-expressions/{expression-id}
|
Get tags used to define conditions inside a GroupGet tags used to define conditions inside a Group. Also includes tags inside nested groups. |
GET /global-manager/api/v1/global-infra/domains/{domain-id}/groups/{group-id}/tags
|
Get groups for which the given object is a memberGet policy groups for which the given object is a member. In Federation environment, if the given object is a global entity (eg: global segment) and if the entity is not stretched to the site specified in the enforcement_point_path parameter,then the following is returned:- 1)If the entity is a member of any global group and that group is stretched to the enforcement_point_path site,then the API returns an empty list. 2)If the entity is not a member of any global group,this API returns an 'invalid path' error message. 3)If both the entity and its corresponding groups are stretched to the enforcement_point_path site , then the API returns the groups list. |
GET /global-manager/api/v1/global-infra/group-associations
|
Get groups for which the given IP address is a memberGet policy groups for which the given IP address is a member. |
GET /global-manager/api/v1/global-infra/ip-address-group-associations
|
Get groups for which the given Physical Server is a memberGet policy groups for which the given Physical Server is a member. |
GET /global-manager/api/v1/global-infra/physical-server-group-associations
|
Get groups for which the given pod is a memberGet policy groups for which the given pod is a member. |
GET /global-manager/api/v1/global-infra/pod-group-associations
|
List Services for infraPaginated list of Services for infra. |
GET /global-manager/api/v1/global-infra/services
|
Delete ServiceDelete Service |
DELETE /global-manager/api/v1/global-infra/services/{service-id}
|
Read a serviceRead a service |
GET /global-manager/api/v1/global-infra/services/{service-id}
|
Patch a ServiceCreate a new service if a service with the given ID does not already exist. Creates new service entries if populated in the service. If a service with the given ID already exists, patch the service including the nested service entries. |
PATCH /global-manager/api/v1/global-infra/services/{service-id}
|
Create or update a ServiceCreate a new service if a service with the given ID does not already exist. Creates new service entries if populated in the service. If a service with the given ID already exists, update the service including the nested service entries. This is a full replace. |
PUT /global-manager/api/v1/global-infra/services/{service-id}
|
List Service entries for the given servicePaginated list of Service entries for the given service |
GET /global-manager/api/v1/global-infra/services/{service-id}/service-entries
|
Delete Service entryDelete Service entry |
DELETE /global-manager/api/v1/global-infra/services/{service-id}/service-entries/{service-entry-id}
|
Service entryService entry |
GET /global-manager/api/v1/global-infra/services/{service-id}/service-entries/{service-entry-id}
|
Patch a ServiceEntryIf a service entry with the service-entry-id is not already present, create a new service entry. If it already exists, patch the service entry. |
PATCH /global-manager/api/v1/global-infra/services/{service-id}/service-entries/{service-entry-id}
|
Create or update a ServiceEntryIf a service entry with the service-entry-id is not already present, create a new service entry. If it already exists, update the service entry. |
PUT /global-manager/api/v1/global-infra/services/{service-id}/service-entries/{service-entry-id}
|
List all unique tags.Returns paginated list of all unique tags. Supports filtering by scope, tag and source from which tags are synced. Supports starts with, ends with, equals and contains operators on scope and tag values. To filter tags by starts with on scope or tag, use '*' as suffix after the value. To filter tags by ends with on scope or tag, use '*' as prefix before the value. To filter tags by contain on scope or tag, use '*' as prefix and suffix on the value. Below special characters in the filter value needs to be escaped with hex values. - Character '&' needs to be escaped as '%26' - Character '[' needs to be escaped as '%5B' - Character ']' needs to be escaped as '%5D' - Character '+' needs to be escaped as '%2B' - Character '#' needs to be escaped as '%23' Sort option for list of unique tags is available only on tag and scope properties. |
GET /global-manager/api/v1/global-infra/tags
|
List all objects assigned with matching scope and tag valuesPaginated list of all objects assigned with matching scope and tag values. Objects are represented in form of resource reference. Sort option is available only on target_type and target_display_name properties. |
GET /global-manager/api/v1/global-infra/tags/effective-resources
|
Get details of tag bulk operation requestGet details of tag bulk operation request with which tag is applied or removed on virtual machines. |
GET /global-manager/api/v1/global-infra/tags/tag-operations/{operation-id}
|
Assign or Unassign tag on multiple Virtual Machines.Tag can be assigned or unassigned on multiple objects. Supported object type is restricted to Virtual Machine for now and support for other objects will be added later. Permissions for tag bulk operation would be similar to virtual machine tag permissions. |
PUT /global-manager/api/v1/global-infra/tags/tag-operations/{operation-id}
|
Get status of tag bulk operationGet status of tag bulk operation with details of tag operation on each virtual machine. |
GET /global-manager/api/v1/global-infra/tags/tag-operations/{operation-id}/status
|
Get groups for which the given VM is a memberGet policy groups for which the given VM is a member. |
GET /global-manager/api/v1/global-infra/virtual-machine-group-associations
|
Get groups for which the given VIF is a memberGet policy groups for which the given VIF is a member. |
GET /global-manager/api/v1/global-infra/virtual-network-interface-group-associations
|
List all VM tag replication policiesList all VM tag replication policies. |
GET /global-manager/api/v1/global-infra/vm-tag-replication-policies
|
Delete the VM tag replication policy specified by idDelete the VM tag replication policy specified by id. |
DELETE /global-manager/api/v1/global-infra/vm-tag-replication-policies/{id}
|
Get the VM tag replication policy specified by idGet the VM tag replication policy specified by id. |
GET /global-manager/api/v1/global-infra/vm-tag-replication-policies/{id}
|
Patch the VM tag replication policyPatch the VM tag replication policy. |
PATCH /global-manager/api/v1/global-infra/vm-tag-replication-policies/{id}
|
Create or update the VM tag replication policyCreate or update the VM tag replication policy. |
PUT /global-manager/api/v1/global-infra/vm-tag-replication-policies/{id}
|